Microsoft's Update Mistake—Your Windows PC Is Now At Risk

Microsoft's April update suddenly gets awkward
Getty Images
An awkward new warning for Windows users heading into the weekend. Microsoft's confusing messaging on deleting or not deleting a mystery folder on your PC has suddenly taken a nasty turn. This could now leave you and your PC at risk.
We're talking 'inetpub,' of course, the mysterious folder that turned up on PCs post the April update, and which at first was irrelevant and then critical and is now a threat. Per XDA-Developers, the ''inetpub' folder might be more dangerous than we thought… the inetpub folder in Windows 11 can pose a risk if weaponized by hackers. Non-admin users can easily stop Windows security updates using junction points. Attempting to block updates may lead to installation errors or rollbacks on Windows 11.'
PC World was first to pick up the warning from cyber guru Kevin Beaumont, commenting that the 'crucial new 'inetpub' folder is laughably easy to hack… The initial impression was that this was a bug, as the folder was empty and apparently served no function. Microsoft later explained that the inetpub folder is important for Windows security because it was created to patch the CVE-2025-21204 vulnerability.'
That's neatly ironic. 'In short, the folder [which] is there to bump up system security by preventing the vulnerability from being exploited' actually introduces a vulnerability.
According to Beaumont, Microsoft's patch for CVE-2025–21204, which 'allows users to abuse symlinks to elevate privileges using the Windows servicing stack and the c:\inetpub folder.' The fix is to add the c:\inetpub folder themselves, but the new problem is 'this fix introduces a denial of service vulnerability in the Windows servicing stack that allows non-admin users to stop all future Windows security updates.'
If you're not keeping up with the 'inetpub' story so far, you're not alone.
Per Cybersecurity News, 'this isn't merely a temporary denial of service – it's a persistent issue that continues until someone manually resolves the junction or reinstalls the system… This could be easily scripted and deployed by malware or malicious actors seeking to keep systems vulnerable to other exploits.'
Absent a fix — and Beaumont reported this to Microsoft a fortnight ago, 'system administrators are advised to monitor the system drive for unusual junction points.'
Mayank Parmar from Windows Latest told me 'if someone without admin rights uses a trick (called a junction) to link this folder to a file — like Notepad — it can break future Windows updates. The system expects inetpub to be a folder, not a file, so the updates fail with an error code (0x800F081F). This glitch can be abused to block future updates, and Microsoft hasn't yet responded to the issue.'
The advice remains not to delete the folder, but as XDA Developers says, 'the company told users not to delete it, as it's a part of a security patch titled CVE-2025-21204 and is harmless. However, deleting the folder won't kill your PC if Microsoft is to be believed.'
According to Parmar, 'normally a junction is used to make one folder act like another. But here, a user can create a junction from C:\inetpub to a file (like Notepad). The system expects inetpub to be a folder. When it turns out to be a file, Windows updates fail with an error, blocking future updates." All of which means "no admin rights are needed, just this trick breaks the update process.'
I have reached out to Microsoft for any further user guidance.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Miami Herald

an hour ago

• Miami Herald

European leaders seek ‘digital sovereignty' over tech infrastructure

June 21 (UPI) -- Leaders of many European nations say they need to do more to develop technological infrastructure to ensure digital sovereignty instead of relying on services from global tech firms. A recent forum discussion on the market dominance of global corporations assessed the "blurring of the boundaries between economic and political control" among European nations by tech firms. A consensus of attendees at the ongoing Berlin Summit 2025 agreed European nations need to coordinate their efforts to develop infrastructures to "avoid path dependencies and long-term dependence on global platform players," Forum New Economy reported on Friday. "European countries are highly dependent on companies from the USA and China in a variety of technological infrastructures, from cloud services and social media to generative artificial intelligence," Forum New Economy reported. Such companies dominate European markets and are increasing their control of digital infrastructures, innovation networks, supply chains, data flows and research agendas. An example is Microsoft earlier this year suspending the business email account for International Criminal Court prosecutor Karim Khan. The action occurred within months of the ICC issuing a warrant for the arrest of Israeli Prime Minister Benjamin Netanyahu. Although the tech firm suspended Khan's ICC email account, Microsoft officials said it still is providing services for the ICC. The company also announced their intent to support the digital sovereignty of European nations. "We've operated in Europe for more than 40 years, and we have been and always will be a steadfast partner to Europe," Microsoft Chairman and Chief Executive Officer Satya Nadella said in a social media post on Friday. Microsoft is supporting European sovereignty and that of its respective nations with several existing and new tech offerings, Nadella said. The services include Microsoft Sovereign Cloud, Data Guardian, External Key Management and Sovereign Private Cloud. The existing and new offerings "bring digital sovereignty to all European organizations" and"unlock new sovereign ways to run private sovereign clouds," Nadella said. "These new offerings build on decades of pioneering work in sovereign cloud solutions by ourselves and to our partners," he added. Copyright 2025 UPI News Corporation. All Rights Reserved.

Yahoo

an hour ago

• Yahoo

Growth Investors: Industry Analysts Just Upgraded Their Core Lithium Ltd (ASX:CXO) Revenue Forecasts By 13%

Core Lithium Ltd (ASX:CXO) shareholders will have a reason to smile today, with the analysts making substantial upgrades to this year's statutory forecasts. The analysts have sharply increased their revenue numbers, with a view that Core Lithium will make substantially more sales than they'd previously expected. AI is about to change healthcare. These 20 stocks are working on everything from early diagnostics to drug discovery. The best part - they are all under $10bn in marketcap - there is still time to get in early. Following the upgrade, the consensus from four analysts covering Core Lithium is for revenues of AU$675k in 2025, implying a disturbing 99% decline in sales compared to the last 12 months. Prior to the latest estimates, the analysts were forecasting revenues of AU$595k in 2025. It looks like there's been a clear increase in optimism around Core Lithium, given the solid increase in revenue forecasts. See our latest analysis for Core Lithium These estimates are interesting, but it can be useful to paint some more broad strokes when seeing how forecasts compare, both to the Core Lithium's past performance and to peers in the same industry. These estimates imply that sales are expected to slow, with a forecast annualised revenue decline of 99% by the end of 2025. This indicates a significant reduction from annual growth of 75% over the last five years. By contrast, our data suggests that other companies (with analyst coverage) in the same industry are forecast to see their revenue grow 6.5% annually for the foreseeable future. So although its revenues are forecast to shrink, this cloud does not come with a silver lining - Core Lithium is expected to lag the wider industry. The most important thing to take away from this upgrade is that analysts lifted their revenue estimates for this year. They also expect company revenue to perform worse than the wider market. Seeing the dramatic upgrade to this year's forecasts, it might be time to take another look at Core Lithium. Analysts are definitely bullish on Core Lithium, but no company is perfect. Indeed, you should know that there are several potential concerns to be aware of, including a short cash runway. For more information, you can click through to our platform to learn more about this and the 2 other risks we've identified . Of course, seeing company management invest large sums of money in a stock can be just as useful as knowing whether analysts are upgrading their estimates. So you may also wish to search this free list of stocks with high insider ownership. Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned.

UPI

an hour ago

• UPI

European leaders seek 'digital sovereignty' over tech infrastructure

1 of 3 | Jensen Huang, founder and chief executive officer of NVIDIA, unveils the latest RTX 5070 laptop processors on stage during the 2025 International CES at the Mandalay Bay Resort and Casino in Las Vegas on January 6. File Photo by James Atoa/UPI | License Photo June 21 (UPI) -- Leaders of many European nations say they need to do more to develop technological infrastructure to ensure digital sovereignty instead of relying on services from global tech firms. A recent forum discussion on the market dominance of global corporations assessed the "blurring of the boundaries between economic and political control" among European nations by tech firms. A consensus of attendees at the ongoing Berlin Summit 2025 agreed European nations need to coordinate their efforts to develop infrastructures to "avoid path dependencies and long-term dependence on global platform players," Forum New Economy reported on Friday. "European countries are highly dependent on companies from the USA and China in a variety of technological infrastructures, from cloud services and social media to generative artificial intelligence," Forum New Economy reported. Such companies dominate European markets and are increasing their control of digital infrastructures, innovation networks, supply chains, data flows and research agendas. An example is Microsoft earlier this year suspending the business email account for International Criminal Court prosecutor Karim Khan. The action occurred within months of the ICC issuing a warrant for the arrest of Israeli Prime Minister Benjamin Netanyahu. Although the tech firm suspended Khan's ICC email account, Microsoft officials said it still is providing services for the ICC. The company also announced their intent to support the digital sovereignty of European nations. "We've operated in Europe for more than 40 years, and we have been and always will be a steadfast partner to Europe," Microsoft Chairman and Chief Executive Officer Satya Nadella said in a social media post on Friday. Microsoft is supporting European sovereignty and that of its respective nations with several existing and new tech offerings, Nadella said. The services include Microsoft Sovereign Cloud, Data Guardian, External Key Management and Sovereign Private Cloud. The existing and new offerings "bring digital sovereignty to all European organizations" and"unlock new sovereign ways to run private sovereign clouds," Nadella said. "These new offerings build on decades of pioneering work in sovereign cloud solutions by ourselves and to our partners," he added.