Windows 11's Crucial New 'Inetpub' Folder Is Laughably Easy to Hack

A few weeks ago, we reported that a mysterious folder called "inetpub" appeared on numerous Windows PCs after one of the April updates was installed on them. At first glance, it seemed like a bug - the folder was empty and appeared to serve no function. However, Microsoft later explained that the inetpub folder is actually an important component of Windows security, created specifically to patch the CVE-2025-21204 vulnerability.

In short, the folder's purpose is to bump up system security by preventing the vulnerability from being exploited. But, in a shocking twist, this very folder meant to protect users has now become a new security problem. Security researcher Kevin Beaumont discovered that attackers can use the inetpub folder to bypass security updates under Windows.

Beaumont warned about this issue in a blog post, highlighting the potential risks it poses to Windows 11 users. According to his findings, it's possible to prevent the creation of the inetpub folder by creating a junction point in the root of the C: drive. In Windows, a junction point is an alias that redirects one directory to another - essentially like a shortcut.

In Beaumont's example, he created a junction at C:\inetpub pointing to notepad.exe. Once this junction point existed, the actual inetpub folder could no longer be created. This also prevented the installation of the April update, and potentially of all other security updates, for as long as Microsoft does not provide a solution to this problem.

Affected PCs would then be vulnerable to other security flaws that have already been fixed. The discovery has already been reported to Microsoft, but there's been no response as of yet. It's unclear whether Microsoft is working on a solution, but at least they should be aware of the problem.

Beaumont also showed that this issue can lead to a constant back and forth of error messages and attempted rollbacks when installing updates - all without requiring elevated privileges to trigger the problem. The implications are clear: Windows 11 users are at risk, and it's up to Microsoft to address the issue.
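Because the junction can be created without elevated privileges, administrators may want to check whether the inetpub path on a PC is a real directory or a redirect. The following PowerShell function is an added example, not code from Beaumont or Microsoft; the name `Test-InetpubPath` is hypothetical, and it assumes the folder sits at the root of the system drive. It only reads the path and changes nothing.

```powershell
# Added example: read-only audit of the inetpub path for the junction condition.
function Test-InetpubPath {
    param(
        # Assumption: the folder lives at the root of the system drive (C:\inetpub on most PCs)
        [string]$Path = (Join-Path $env:SystemDrive 'inetpub')
    )

    $r = [ordered]@{
        Path = $Path; Exists = $false; IsReparsePoint = $false
        LinkType = $null; Target = $null; Owner = $null; Created = $null; Finding = 'Path absent'
    }

    # -Force returns hidden/system items; Get-Item reports the link itself, not its target
    $item = Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
    if (-not $item) { return [pscustomobject]$r }

    $r.Exists         = $true
    $r.Created        = $item.CreationTime
    $r.IsReparsePoint = $item.Attributes.HasFlag([IO.FileAttributes]::ReparsePoint)

    # The owner hints at which account created the entry; reading it can fail on a broken link
    try   { $r.Owner = (Get-Acl -LiteralPath $Path -ErrorAction Stop).Owner }
    catch { $r.Owner = 'unreadable' }

    if ($r.IsReparsePoint) {
        # LinkType and Target are filled in by the FileSystem provider for junctions and symlinks
        $r.LinkType = $item.LinkType
        $r.Target   = $item.Target -join ', '
        $r.Finding  = 'Junction or link occupies the inetpub path; review before patching'
    }
    elseif ($item.PSIsContainer) {
        $r.Finding = 'Ordinary directory'
    }
    else {
        $r.Finding = 'A file occupies the inetpub path'
    }
    [pscustomobject]$r
}

Test-InetpubPath | Format-List
```

A result with `IsReparsePoint` set to `True`, together with an unexpected `Target` or `Owner`, is the condition worth investigating on a machine where updates keep failing and rolling back.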

This article originally appeared on our sister publication PC-WELT and was translated and localized from German.