Windows "inetpub" security fix can be abused to block future updates

A recent Windows security update that creates an ‘inetpub’ folder has introduced a new weakness allowing attackers to prevent the installation of future updates. After people installed this month's Microsoft Patch Tuesday security updates, Windows users suddenly found an "inetpub" folder owned by the SYSTEM account created in the root of the system drive, normally the C: drive. It was strange to see this folder created as it is normally used to hold files associated with Microsoft's Internet Information Service web server, which was not installed on these devices. In an update to a security advisory, Microsoft later confirmed that the C:\inetpub folder was part of a fix for a Windows Process Activation elevation of privilege vulnerability tracked as CVE-2025-21204, with the company warning not to delete the folder. "After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device," confirm ... Read full article.