Microsoft Rolls Out PowerShell Fix to Restore Critical ‘inetpub’ Folder After April 2025 Windows Updates

Windows users faced a surprise after April’s security updates when an empty C:\inetpub folder suddenly appeared on their systems. Now, Microsoft has released a PowerShell script to help restore this folder for those who mistakenly deleted it—because deleting it could reopen a dangerous security hole.

Why That Empty ‘inetpub’ Folder Matters More Than You Think

If you noticed an empty folder named inetpub on your C: drive after the April 2025 updates, you’re not alone. This folder is linked to Internet Information Services (IIS), Microsoft’s web server platform. But here’s the catch—most users don’t even run IIS, so why is this folder showing up?

Turns out, Microsoft created it as a protective measure against a serious vulnerability, CVE-2025-21204, which allows attackers to escalate privileges through Windows Process Activation. Simply put: the folder is a kind of safety shield, even if you’re not running a web server.

Now, some users got puzzled and deleted the folder, thinking it was useless clutter. That’s risky. Removing it can leave your system open to the flaw the update was supposed to patch. Microsoft warned against deleting it in their advisory but also offered a way to fix things if you already did.

The PowerShell Script That Brings the Folder Back—and Why It’s Important

On Wednesday, Microsoft updated its CVE-2025-21204 advisory, releasing a handy PowerShell script to help IT admins and savvy users recreate the folder with the correct permissions. The commands are straightforward:

Running this script sets up the right access controls to keep unauthorized users out, closing the door on possible exploitation tied to the vulnerability.

The script also secures another folder called on Windows Server machines, which came into play with earlier February 2025 updates. So it’s a two-for-one fix that boosts overall system security.

What Happens If You Don’t Use IIS? The Confusing Part

You might ask: “But I don’t use IIS at all, so why do I need that folder?” Good question.

When you install IIS through the Windows “Turn Windows Features on or off” panel, the inetpub folder appears naturally, filled with files needed for the web server. But if you uninstall IIS, the folder sticks around, empty but still important for this vulnerability patch.

Microsoft says that even if IIS isn’t active on your machine, deleting the inetpub folder isn’t a good idea because it’s now part of Windows’ protection scheme. The folder helps keep things locked down behind the scenes.

Here’s a quick breakdown:

• Installing IIS: Creates inetpub with files and system ownership.

• Uninstalling IIS: Folder remains, empty but needed for security.

• Deleting folder: Opens system back up to privilege escalation risk.

So basically, don’t touch it.

The Security Risk Behind This Folder: What You Need to Know

The vulnerability fixed here involves an “improper link resolution” in the Windows Update stack. This means Windows might follow symbolic links wrongly, allowing attackers to trick the system into changing or accessing files they shouldn’t.

The scary bit? Attackers with minimal access could elevate their permissions to the SYSTEM account level, which is basically full control over your PC.

Microsoft’s message is clear: the empty inetpub folder is a shield that shouldn’t be removed. Cybersecurity expert Kevin Beaumont even showed how this folder can be misused by non-admin users to block Windows updates by creating a junction link, which highlights its critical role in system integrity.

What Users Should Do Now: Quick Tips

If you find the folder missing, here’s what you can do:

• Use the PowerShell script Microsoft released to restore permissions.

• Alternatively, reinstall IIS via the control panel to bring the folder back properly.

• Never manually delete or modify the inetpub folder.

• Keep your Windows updated with the latest patches.

It might seem weird that an empty folder matters so much, but this isn’t just about files—it’s about keeping your system safe.

Microsoft’s warning resonates loud and clear: don’t delete the inetpub folder, no matter what. It’s one of those odd but important things that quietly protect your PC. If you’ve deleted it, use their new script or reinstall IIS to stay protected. Simple as that.