After the April security update, Windows 10 and 11 users noticed a mysterious empty inetpub folder on their drives, the appearance of which was not explained in any way. However, as Microsoft explained, there is no reason to worry – this is not a bug, but a new system security measure.
Image source: Panos Sakalakis / Unsplash
«
While the folder may seem useless — it doesn’t contain any content — it serves an important function. Created with system rights and read-only access, the folder prevents potential exploitation of the vulnerability. Administrators using IIS are familiar with inetpub for a long time, as it is where website scripts and content are stored by default. However, in this case, the folder is created solely for security purposes — even on devices where IIS has never been activated.
If the user accidentally deleted this folder after the update, Microsoft offers two recovery options: temporarily enable IIS through Windows settings (after which the folder will appear automatically) or create it manually with the necessary access rights – read-only and with the SYSTEM owner.