The ‘inetpub’ folder in Windows is laughably easy to bypass
A few weeks ago, we reported that a mysterious folder called “inetpub” appeared on numerous Windows PCs after one of the April updates was installed on them. The initial impression was that this was a bug, since the folder was empty and apparently served no function.
Microsoft later explained that the inetpub folder is important for Windows security because it was created to patch the CVE-2025-21204 vulnerability. In short, the folder is there to bump up system security by preventing the vulnerability from being exploited.
However, this very folder meant to protect you is now causing a new security problem, as attackers can apparently use it to bypass security updates under Windows. Security researcher Kevin Beaumont discovered this and warned against it in a blog post.
Security risk caused by a harmless folder
According to Beaumont, it’s possible to prevent the creation of the inetpub folder by creating a junction point in the C: directory. In Windows, a junction point is an alias that redirects one directory to another (basically like a shortcut). In his example, Beaumont created a junction at C:/inetpub pointing to notepad.exe.
Once this junction point is made, the actual inetpub folder can no longer be created. This also prevents the installation of the April update and potentially all other security updates as long as Microsoft doesn’t provide a solution to this problem. Affected PCs would then be vulnerable to other security flaws that have already been fixed.
Beaumont shows that this can also lead to a constant back-and-forth of error messages and attempted rollbacks when installing updates, and attackers don’t even need elevated privileges to trigger the problem.
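For administrators who want to check a machine for the condition described above, the following PowerShell audit is an added example, not code from this article or from Beaumont. It assumes Windows PowerShell 5.1 or later and the default location C:\inetpub; the function name Test-InetpubFolder is made up for this illustration.

```powershell
# Added example: report whether C:\inetpub is a real directory or a
# reparse point (junction/symlink). Function name is hypothetical.
function Test-InetpubFolder {
    param([string]$Path = 'C:\inetpub')   # assumed default system drive

    $result = [ordered]@{
        Path     = $Path
        State    = 'Missing'   # Missing | Directory | ReparsePoint | NotADirectory
        LinkType = $null
        Target   = $null
        Owner    = $null
    }

    # -Force returns hidden/system items; the link itself is returned,
    # not whatever it points to.
    $item = Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
    if ($null -eq $item) { return [pscustomobject]$result }

    $isReparse = [bool]($item.Attributes -band [System.IO.FileAttributes]::ReparsePoint)
    if ($isReparse) {
        $result.State    = 'ReparsePoint'
        $result.LinkType = $item.LinkType          # e.g. Junction or SymbolicLink
        $result.Target   = $item.Target -join ';'  # where the link redirects
    } elseif ($item.PSIsContainer) {
        $result.State = 'Directory'
    } else {
        $result.State = 'NotADirectory'
    }

    # Owner helps establish who created the object; the lookup can fail
    # when a link's target is invalid, so errors are suppressed.
    $acl = Get-Acl -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($acl) { $result.Owner = $acl.Owner }

    return [pscustomobject]$result
}

$check = Test-InetpubFolder
$check | Format-List
if ($check.State -in 'ReparsePoint', 'NotADirectory') {
    Write-Warning "$($check.Path) is not a plain directory. Review its owner and the update history of this machine."
}
```

A State of Missing only means the folder is absent; it does not by itself say whether the April update was installed.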
The discovery has already been reported to Microsoft, but there’s been no response as of yet. It’s unclear whether Microsoft is working on a solution, but at least they should be aware of the problem.
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.