Summary
- The inetpub folder in Windows 11 can pose a risk if weaponized by hackers.
- Non-admin users can easily stop Windows security updates using junction points.
- Attempting to block updates may lead to installation errors or rollbacks on Windows 11.
There are several ways to keep your Windows 11 PCs safe, including keeping your PC up to date with the latest security patches. While monthly security updates are available for supported versions of Windows 11 only, the April security update introduced a rather controversial “inetpub” folder alongside all the security fixes. Microsoft claimed that users need not worry about it, as the folder is harmless and doesn’t put PCs at risk.
However, it looks like we shouldn’t take Microsoft’s word for it. While the ‘inetpub’ folder might not directly harm your PC, hackers might be able to weaponize it to put your PC at huge risk, according to security researcher Kevin Beaumont.
The harmless-looking folder in Windows 11 may be hackers’ best friend
According to Beaumont, the inetpub folder in Windows 11 April 2025 Update can allow non-admin users to stop all future Windows security updates on your PC. The scary part is that, based on what the security researcher shared in his post, it doesn’t look like anything complicated to stop security updates.
As per Beaumont, all non-admin users have to do is create “junction points” in C:/ and then run a command in the Command Prompt. Beamont has shared how one can create those junction points, and then what command to run to block updates in his Medium post. However, we haven’t independently verified whether his claims are accurate.
However, if you try this on your PC, it won’t stop Windows security updates from appearing on your Windows 11 Update page. Instead, it’ll either display an error when the installation starts or undo the update by rolling back to the previous state. This happens because running the command triggers a “denial of service” (DoS) vulnerability in the Windows servicing stack.
What did Microsoft say about Windows 11’s inetpub folder?
Microsoft quietly introduced the inetpub folder in the April 2025 update, but it went on to explain what it does only when users started growing some suspicion over the folder. The company told users not to delete it, as it’s a part of a security patch titled CVE-2025-21204 and is harmless. However, deleting the folder won’t kill your PC if Microsoft is to be believed.
Related
5 reasons you should be using Controlled Folder Access in Windows 11 for increased data security
If you want to keep your data secure from ransomware attacks, you should use Controlled Folder Access on your Windows system
