Deleting 'inetpub' folder lets hackers permanently stop Windows updates, Microsoft warns

A security researcher figured out that it could introduce a DOS vulnerability

News

Reading time icon 2 min. read

Calendar icon Published on

by Rishaj Upadhyay 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

inetpub folder don't delete Microsoft warns

If you recently discovered Microsoft’s official, yet mysterious ‘inetpub’ folder in your system and deleted it because it was empty, there’s some bad news for you.

When asked, Microsoft advised users not to delete the folder—doing so would leave the system exposed to new threats.

Microsoft warns that deleting the ‘inetpub’ folder can let hackers permanently block Windows updates on your PC

Microsoft says that the ‘inetpub’ folder was automatically created on all Windows systems to prevent symlink abuse. For the uninitiated, Symlinks, or symbolic links, are files that act as pointers to other files or directories, containing the filesystem path to their target.

Although widely used, the fact is that ‘inetpub’ doesn’t require elevated privileges to create, making it exploitable by attackers. According to a security researcher, Kevin Beaumont, this fix introduces a denial-of-service vulnerability. What’s worse is that non-admin users can exploit the c:\inetpub folder to stop Windows from installing updates.

Beaumont, in a blog post, noted that running a simple command—mklink /j c:\inetpub c:\windows\system32\notepad.exe—creates a symlink linking c:\inetpub to notepad.exe. This disrupts the Windows servicing stack, causing the April 2025 Patch Tuesday updates and future patches to fail.

As a result, this flaw leaves your Windows 10 and Windows 11 systems without security fixes. Not to mention, this security vulnerability is concerning because it doesn’t require any admin rights.

Microsoft could be working on a fix

While Beaumont reported the issue to the Microsoft Security Response Center (MSRC), he hasn’t received any response in this matter. It’s possible that Microsoft is working on a fix, which we expect could roll out in a future update.

Until then, users should limit command-line access for non-admins and monitor the c:\inetpub folder. If Microsoft releases a patch in the near future, make sure to update your system with it.

More about the topics: windows 10, Windows 11, Windows Update

Rishaj Upadhyay

Rishaj Upadhyay Shield

Rishaj is a tech writer who has been writing professionally for over four years, with a passion for Android, Windows, and all things tech. He initially joined Windows Report as a tech journalist and is now taking over as a news editor. He also writes for AndroidHeadlines. In the past, he has covered features, guides, and listicles for YTECHB and TechieTechTech. When he's not breaking the keyboard, you can find him cooking, or listening to music/podcasts.

User forum

0 messages