From the article comes this statement about this issue: * Microsoft has not officially responded to Neowin regarding whether this is a bug or something else entirely. I have personally verified the folder resides on ALL my Windows 11 machines that updated during the April patch Tuesday. It is also present on my daily Windows 10 Pro machine, neither have IIS enabled.

It seems that the newly discovered folder is related to Microsoft Internet Information Services, a platform that was introduced in 1995 for hosting websites and services. While IIS is still present in modern Windows releases, it is turned off by default. It is an optional feature that requires manual installation from the “Turn Windows features on or off” UI. Therefore, the inetpub folder should not be present on drive C by default.

SA

From the FAQ in Microsoft’s MSRC Security Update Guide for the zero-day CVE-2025-21204 (updated 10-Apr-2025) at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204 :

Does installing the Windows security updates that address this CVE cause visible change on devices?

After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device. This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users.

Kudos to EricB for posting about this FAQ warning in post # 2762221 of Susan Bradly’s April 2025 Updates Out in the AskWoody forum.

Dell Inspiron 15 5584 * 64-bit Win 10 Pro v22H2 build 19045.5737 * Firefox v137.0.1 * Microsoft Defender v4.18.25020.1009-1.1.25030.1 * Malwarebytes Premium v5.2.10.182-130.0.5212 * Macrium Reflect Free v8.0.7783

Concured!!