Microsoft's Update Mistake—Your Windows PC Is Now At Risk

In a surprising turn of events, Microsoft's recent April update has brought an unexpected warning to Windows users heading into the weekend. The mysterious "inetpub" folder, which initially seemed harmless, has now been revealed to pose a risk if weaponized by hackers.

Per XDA-Developers, the "inetpub" folder in Windows 11 can be easily exploited by non-admin users to stop Windows security updates. Attempting to block updates may lead to installation errors or rollbacks on Windows 11. This is a concerning development, especially for users who rely heavily on their PCs for work and personal activities.

PC World was the first to pick up the warning from cyber guru Kevin Beaumont, who noted that the "crucial new 'inetpub' folder is laughably easy to hack." Initially, Microsoft explained that the inetpub folder was created to patch a vulnerability in Windows 11. However, it appears that the folder's intended purpose has inadvertently introduced a new vulnerability.

According to Beaumont, the fix for CVE-2025-21204 allows users to abuse symlinks to elevate privileges using the Windows servicing stack and the c:\inetpub folder. While this may seem like a minor issue, it introduces a denial of service vulnerability that can be exploited by malicious actors.

Google Starts Scanning Your Photos—3 Billion Users Must Now Decide

This is not merely a temporary denial of service – it's a persistent issue that continues until someone manually resolves the junction or reinstalls the system… This could be easily scripted and deployed by malware or malicious actors seeking to keep systems vulnerable to other exploits." - Cybersecurity News

Mayank Parmar from Windows Latest told me, "if someone without admin rights uses a trick (called a junction) to link this folder to a file — like Notepad — it can break future Windows updates. The system expects inetpub to be a folder, not a file, so the updates fail with an error code (0x800F081F). This glitch can be abused to block future updates, and Microsoft hasn’t yet responded to the issue."

Microsoft's advice remains not to delete the folder, but as XDA Developers says, "the company told users not to delete it, as it's a part of a security patch titled CVE-2025-21204 and is harmless. However, deleting the folder won't kill your PC if Microsoft is to be believed."

Normally, a junction is used to make one folder act like another. But in this case, a user can create a junction from C:\inetpub to a file (like Notepad). The system expects inetpub to be a folder. When it turns out to be a file, Windows updates fail with an error, blocking future updates.

All of which means "no admin rights are needed, just this trick breaks the update process."

What Can You Do To Protect Your PC?

If you're concerned about your PC's security, it's essential to take precautions. Here are some steps you can take:

  • Monitor your system drive for unusual junction points.
  • Avoid deleting the "inetpub" folder, as Microsoft has advised against it.
  • Keep your operating system and software up-to-date with the latest security patches.

I have reached out to Microsoft for any further user guidance. In the meantime, users are advised to remain vigilant and take steps to protect their PCs from potential vulnerabilities.