Your computer is now seriously threatened by the enigmatic folder that Microsoft made in Windows 11 without your consent
Over the past few weeks, we've reported on several occasions about the sudden appearance of a mysterious folder after updating to Windows 11. Called inetpub, it appears in the root of your computer's main drive for no apparent reason.
This happened after installing the latest April patches sent by Microsoft for Windows 11. The fact is, this feature caught the attention of many users without them fully understanding its presence. Well, it seems to be more significant than one might initially suspect. Now, the mysterious empty inetpub folder is creating a new security problem for Windows users, as we'll explain.
Initially, when Microsoft released the April 2025 security updates for Windows 11, users around the world began noticing that the update was creating an empty folder on their primary drive. As we previously reported, this was called inetpub. This caused some confusion, as Microsoft kept its existence secret and offered no further explanation. Furthermore, the official release notes did not include any information about this folder.
Shortly after, the software giant revealed that the folder was intentionally created to increase system security. Therefore, users and administrators are advised to keep it and not modify it on their computers. Well, now the problem has emerged because it has been revealed that the creation of this folder could be used by cybercriminals for malicious purposes. Naturally, this could become a serious problem.
- The inetpub folder is a security vulnerability in the Windows operating system.
Specifically, a security expert shared information about the issue, discovering that the folder contains a denial-of-service vulnerability in the Windows Services group. To exploit this vulnerability, all you have to do is create a new symbolic link between the aforementioned inetpub folder and an application like Notepad.
It's worth noting that symbolic links don't require elevated user permissions, meaning attackers don't need to access them. This is all to prevent future security updates. Once the vulnerability is exploited, Windows security updates will not be installed on the attacker's targeted computer. The process generates an error and will be rolled back.
Cybercriminals could then use the attack to prevent the installation of future security updates and exploit existing vulnerabilities. Naturally, all of this would be used to attack out-of-date systems, all without the user's knowledge.
Worse still, this expert tells us that the only way to resolve this security issue is for Microsoft to fix it itself. It's worth noting that the company has already been notified, so it must begin work on fixing the vulnerability.