If you removed the “inetpub” folder that was generated after installing the Windows April 2025 Updates, you must restore it immediately, or your system could remain exposed to potential security vulnerabilities. Microsoft informed Windows Latest that this folder can be recreated by enabling the IIS service, or alternatively, you can use a new PowerShell script released on May 28.

For those unfamiliar, after applying the April 2025 Updates, Windows 11 24H2 and older versions such as Windows 10 created an empty folder named “inetpub.” This folder is usually related to Internet Information Services (IIS), a built-in Windows feature that enables developers to host web applications or websites on Windows 11.

Specifically for Windows 11, Microsoft introduced the directory (C:\inetpub\) with update KB5055523 or newer. As seen in the screenshot above, the folder is empty and shows zero bytes of data in its properties.

When I checked my system settings, I found that IIS wasn’t enabled either. Unfortunately, since Microsoft did not explicitly mention that the creation of the “inetpub” folder was intentional in their release notes, some users assumed it was a bug from the cumulative update and proceeded to delete it.

Others removed the folder due to concerns about Microsoft’s approach—particularly the act of creating a folder to fix an OS vulnerability when it can be easily deleted, raising questions about the nature of the patch itself.

Later, Microsoft updated their documentation and clarified to Windows Latest that the “inetpub” folder was created as part of a security fix for CVE-2025-21204, and whether IIS is active or not doesn’t matter—it will still appear. Users are advised not to delete it, and if they already did, they should restore it immediately.

Microsoft explained: “The CVE-2025-21204 vulnerability arises from improper handling of symbolic links before file access (‘link following’) within the Windows Update Stack. On unpatched systems, this flaw could allow local attackers to trick the system into accessing or modifying unintended files or folders.”

Earlier, Microsoft had told Windows Latest that the “inetpub” folder could be recreated with the same level of security by enabling Internet Information Services (IIS) via Control Panel > Programs > Programs & Features > Turn Windows features on or off.

However, most users aren’t keen on turning on IIS because it creates additional folders that aren't needed unless you're a developer.

Windows Latest recently discovered that there's now a PowerShell script available that recreates the folder without requiring IIS to be enabled.

Microsoft published this script on May 28, and here's how to use it.

How to use PowerShell script to restore “inetpub” and patch CVE-2025-21204?

1. Launch PowerShell as Administrator—this is essential because modifying folder ACLs and installing modules require admin rights.
   
2. In PowerShell, first allow signed scripts and modules from Microsoft’s PowerShell Gallery using this command: Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
   
3. To download the script from the PowerShell Gallery, run this command: Install-Script -Name Set-InetpubFolderAcl -Force
   
4. In certain cases (like mine), you might be prompted to install the “NuGet Provider” if it’s missing. Simply respond with “Y” and then rerun the “install-script” command.
   
5. Run “Set-InetpubFolderAcl” to apply the fix and recreate the folder. If you encounter a “command not found” error, execute it using the full path: ``` & "C:\Program Files\WindowsPowerShell\Scripts\Set-InetpubFolderAcl.ps1"

   <code></code>

How does Install-Script command work?

As noted by Windows Latest, the Install-Script command downloads the .ps1 script file into your local PowerShell Scripts folder (typically C:\Program Files\WindowsPowerShell\Scripts). The fourth step is necessary to actually execute the script. You should definitely consider restoring the “inetpub” folder. According to Microsoft, failing to have this folder and its correct ACLs (Access Control Lists) leaves your system vulnerable to privilege escalation or unauthorized access.

By running the Set-InetpubFolderAcl.ps1 script mentioned above, you are recreating the folder and setting up the appropriate IIS-style permissions so that the security patch for CVE-2025-21204 included in the April 2025 Update becomes effective.

Got any questions? Feel free to leave them in the comments below.

The above is the detailed content of Microsoft: Run PS script now if you deleted 'inetpub' on Windows 11, Windows 10. For more information, please follow other related articles on the PHP Chinese website!