Microsoft's New Windows Update — 1 Billion Users Warned: Do Not Delete

Do not delete this Windows update folder, Microsoft warns.
Windows users have a lot on their collective plate when it comes to matters of security, that's for sure. There's the zero-day vulnerability that wants to steal your Windows passwords, hackers bypassing Windows Defender security protections, and then there's Microsoft's own decisions to deal with. The deletion of VPN provision Windows Defender users and, much more seriously, the deletion of security support for Windows 10 users. As an aside, you can still get Windows 11 for free, if you are quick. The latest and somewhat confusing situation of Microsoft's making has come about as Windows users noticed a mysterious new folder after the most recent security update. A folder with no explanation and one which, now, Microsoft has warned a billion Windows users they must not delete.
As part of the April 8 Patch Tuesday security updates, Microsoft included a fix for CVE-2025-21204. This vulnerability in the critical Windows Update Stack, which is responsible for the management of Windows updates, no less, could lead to an attacker to elevate privileges locally. Something that the experts at SecurityVulnerability.io described as posing 'a significant risk to organizations, as the compromised systems could allow attackers to execute unauthorized actions, potentially undermining the integrity and security of sensitive information and system operations.' I won't bore you with the technicalities of link resolution process manipulation that could enable hackers to access files and execute commands; just know it's pretty darn serious. Which is why Microsoft fixed it, and that's a good thing.
The way that Microsoft fixed it, however, is not so good. A lack of transparency is a particular bugbear of mine when it comes to anything security-related, and this vulnerability patch is no exception. The problem is that Microsoft created a new and empty folder with the security update, the appearance of which led to a totally understandable debate in tech forums and on Reddit as well as other social media platforms. What was this 'inetpub' folder, how did it get there, is it dangerous, is Microsoft using it to collect data, and should I delete it?
According to a new Microsoft security advisory update, the answer to the last of these questions is a resounding no. Windows users must not delete the inetpub folder, Microsoft warned.
An April 10 update to Microsoft's security advisory concerning CVE-2025-21204, entitled 'Windows Process Activation Elevation of Privilege Vulnerability,'confirmed that 'after installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device.'
Microsoft Security Advisory
Microsoft went on to say that the folder installation was 'part of changes that increase protection' but failed to explain precisely how. What I do know is that the inetpub folder itself usually comes as part of the Internet Information Services web server platform, enabled using Windows Features, but this update has dropped it whether the user has IIS installed or not. More transparency is required, methinks, although not at the expense of tipping off potential attackers as to how the mitigation works, of course.
What I can say, however, is that as a security wonk, I strongly urge all Windows users to follow Microsoft's advice: 'This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device.'

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Miami Herald

an hour ago

• Miami Herald

European leaders seek ‘digital sovereignty' over tech infrastructure

June 21 (UPI) -- Leaders of many European nations say they need to do more to develop technological infrastructure to ensure digital sovereignty instead of relying on services from global tech firms. A recent forum discussion on the market dominance of global corporations assessed the "blurring of the boundaries between economic and political control" among European nations by tech firms. A consensus of attendees at the ongoing Berlin Summit 2025 agreed European nations need to coordinate their efforts to develop infrastructures to "avoid path dependencies and long-term dependence on global platform players," Forum New Economy reported on Friday. "European countries are highly dependent on companies from the USA and China in a variety of technological infrastructures, from cloud services and social media to generative artificial intelligence," Forum New Economy reported. Such companies dominate European markets and are increasing their control of digital infrastructures, innovation networks, supply chains, data flows and research agendas. An example is Microsoft earlier this year suspending the business email account for International Criminal Court prosecutor Karim Khan. The action occurred within months of the ICC issuing a warrant for the arrest of Israeli Prime Minister Benjamin Netanyahu. Although the tech firm suspended Khan's ICC email account, Microsoft officials said it still is providing services for the ICC. The company also announced their intent to support the digital sovereignty of European nations. "We've operated in Europe for more than 40 years, and we have been and always will be a steadfast partner to Europe," Microsoft Chairman and Chief Executive Officer Satya Nadella said in a social media post on Friday. Microsoft is supporting European sovereignty and that of its respective nations with several existing and new tech offerings, Nadella said. The services include Microsoft Sovereign Cloud, Data Guardian, External Key Management and Sovereign Private Cloud. The existing and new offerings "bring digital sovereignty to all European organizations" and"unlock new sovereign ways to run private sovereign clouds," Nadella said. "These new offerings build on decades of pioneering work in sovereign cloud solutions by ourselves and to our partners," he added. Copyright 2025 UPI News Corporation. All Rights Reserved.

Yahoo

an hour ago

• Yahoo

Growth Investors: Industry Analysts Just Upgraded Their Core Lithium Ltd (ASX:CXO) Revenue Forecasts By 13%

Core Lithium Ltd (ASX:CXO) shareholders will have a reason to smile today, with the analysts making substantial upgrades to this year's statutory forecasts. The analysts have sharply increased their revenue numbers, with a view that Core Lithium will make substantially more sales than they'd previously expected. AI is about to change healthcare. These 20 stocks are working on everything from early diagnostics to drug discovery. The best part - they are all under $10bn in marketcap - there is still time to get in early. Following the upgrade, the consensus from four analysts covering Core Lithium is for revenues of AU$675k in 2025, implying a disturbing 99% decline in sales compared to the last 12 months. Prior to the latest estimates, the analysts were forecasting revenues of AU$595k in 2025. It looks like there's been a clear increase in optimism around Core Lithium, given the solid increase in revenue forecasts. See our latest analysis for Core Lithium These estimates are interesting, but it can be useful to paint some more broad strokes when seeing how forecasts compare, both to the Core Lithium's past performance and to peers in the same industry. These estimates imply that sales are expected to slow, with a forecast annualised revenue decline of 99% by the end of 2025. This indicates a significant reduction from annual growth of 75% over the last five years. By contrast, our data suggests that other companies (with analyst coverage) in the same industry are forecast to see their revenue grow 6.5% annually for the foreseeable future. So although its revenues are forecast to shrink, this cloud does not come with a silver lining - Core Lithium is expected to lag the wider industry. The most important thing to take away from this upgrade is that analysts lifted their revenue estimates for this year. They also expect company revenue to perform worse than the wider market. Seeing the dramatic upgrade to this year's forecasts, it might be time to take another look at Core Lithium. Analysts are definitely bullish on Core Lithium, but no company is perfect. Indeed, you should know that there are several potential concerns to be aware of, including a short cash runway. For more information, you can click through to our platform to learn more about this and the 2 other risks we've identified . Of course, seeing company management invest large sums of money in a stock can be just as useful as knowing whether analysts are upgrading their estimates. So you may also wish to search this free list of stocks with high insider ownership. Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.

UPI

an hour ago

• UPI

European leaders seek 'digital sovereignty' over tech infrastructure

1 of 3 | Jensen Huang, founder and chief executive officer of NVIDIA, unveils the latest RTX 5070 laptop processors on stage during the 2025 International CES at the Mandalay Bay Resort and Casino in Las Vegas on January 6. File Photo by James Atoa/UPI | License Photo June 21 (UPI) -- Leaders of many European nations say they need to do more to develop technological infrastructure to ensure digital sovereignty instead of relying on services from global tech firms. A recent forum discussion on the market dominance of global corporations assessed the "blurring of the boundaries between economic and political control" among European nations by tech firms. A consensus of attendees at the ongoing Berlin Summit 2025 agreed European nations need to coordinate their efforts to develop infrastructures to "avoid path dependencies and long-term dependence on global platform players," Forum New Economy reported on Friday. "European countries are highly dependent on companies from the USA and China in a variety of technological infrastructures, from cloud services and social media to generative artificial intelligence," Forum New Economy reported. Such companies dominate European markets and are increasing their control of digital infrastructures, innovation networks, supply chains, data flows and research agendas. An example is Microsoft earlier this year suspending the business email account for International Criminal Court prosecutor Karim Khan. The action occurred within months of the ICC issuing a warrant for the arrest of Israeli Prime Minister Benjamin Netanyahu. Although the tech firm suspended Khan's ICC email account, Microsoft officials said it still is providing services for the ICC. The company also announced their intent to support the digital sovereignty of European nations. "We've operated in Europe for more than 40 years, and we have been and always will be a steadfast partner to Europe," Microsoft Chairman and Chief Executive Officer Satya Nadella said in a social media post on Friday. Microsoft is supporting European sovereignty and that of its respective nations with several existing and new tech offerings, Nadella said. The services include Microsoft Sovereign Cloud, Data Guardian, External Key Management and Sovereign Private Cloud. The existing and new offerings "bring digital sovereignty to all European organizations" and"unlock new sovereign ways to run private sovereign clouds," Nadella said. "These new offerings build on decades of pioneering work in sovereign cloud solutions by ourselves and to our partners," he added.