Microsoft's recent security patches for Windows create an empty C:\inetpub folder, which serves as a protective measure against an elevation-of-privileges flaw (CVE-2025-21204). This folder appears irrespective of whether the Internet Information Services (IIS) is installed or active and is meant to enhance system security. Administrators are advised not to delete this folder, as it strengthens defenses against potential malware and exploits. Microsoft emphasizes that this change does not require additional actions from users or IT admins, ensuring a seamless security enhancement for Windows 10 and 11 users.
Canny Windows users who've spotted a mysterious folder on hard drives after applying last week's security patches for the operating system can rest assured - it's perfectly benign. In fact, it's recommended you leave the directory there.
The inetpub folder isn't a new concept - administrators running IIS will have seen it for years. It's used to store the web server's script files, site content, and other bits and pieces.
Collection
[
|
...
]