-
Posts
-
By Steffan · Posted
How in the world does the tow truck driver not know someone is back there? -
By hellowalkman · Posted
Microsoft shares "immediate remediation" script if you deleted this Windows system folder by Sayan Sen Following the Windows 11/10 Patch Tuesday updates for April 2025, users began noticing a new and mysterious "inetpub" folder in the C: directory. What added to the intrigue was that the folder seemed empty for many people, and thus it was assumed that it could be malicious. As such, many users even proceeded to delete the folder. However, as it turns out, Microsoft later confirmed that this folder was indeed part of the April Patch as it was delivered against the CVE-2025-21204 escalation of privilege security vulnerability. Curiously, a security researcher found that interpub itself could also in turn help threat actors permanently block Windows security updates, although, according to the tech giant, it is only categorized as a "moderate" severity at the moment, something that does not require immediate servicing. As such, Microsoft insists that inetpub must not be deleted "irrespective of whether Internet Information Services (IIS) is active." The company shared a new PowerShell script to restore the folder in case you deleted it, adding that it requires "immediate remediation." This reminds us of the recent Defender definition updates that were released for Windows image files against Lumma. In its MSRC advisory, Microsoft cautioned: "For systems with KB5055528 installed but %systemroot%\inetpub directory deleted, immediate remediation is required. If the inetpub directory has been deleted, you need to run the remediation script Set-InetpubFolderAcl.ps1. This script will: Recreate the inetpub directory if it has been deleted. Ensure that the directory permissions are correctly configured to prevent unauthorized access and potential vulnerabilities related to CVE-2025-21204. Update ACLs for the DeviceHealthAttestation directory, if it exists. This directory was created on certain Server versions by the February 2025 security updates. The script will update the ACLs for the DeviceHealthAttestation directory to ensure it is secure." To get the script, users can head over to this page on Microsoft's official PowerShell Gallery website. It should be run with elevated privileges. The page also provides some additional instructions if needed. -
By +DonC · Posted
Thanks, Streisand Effect! -
-
-
-
Recent Achievements
-
Karlston went up a rank
Mentor
-
EdwardFranciscoVilla earned a badge
One Month Later
-
MoyaM earned a badge
One Month Later
-
qology earned a badge
One Month Later
-
Frinco90 earned a badge
One Year In
-
-
Popular Contributors
-
Tell a friend
Recommended Posts