Microsoft April 2025 Security Update Creates Empty ‘inetpub’ Folder You Shouldn’t Delete

An April 2025 Microsoft security patch rollout has been spotted creating an empty ‘inetpub’ folder on receiving systems. Experts say you shouldn’t remove it.

The empty ‘inetpub’ folder conundrum

Windows users reported that a security update Microsoft pushed in April 2025 created a new ‘inetpub’ on their machines.

After looking into the matter, Microsoft confirmed the strange behavior. According to BleepingComputer, the same behavior occurs on Windows 10 and 11 devices. Reportedly, the update uses the SYSTEM account to create the folder.

However, Redmond claims that the C:\inetpub folder creation is intentional and that users should refrain from deleting it. The folder, the company says, is used by Microsoft’s Internet Information Services (IIS). However, IIS isn’t installed during the cumulative update’s deployment.

Reason for the folder’s creation still unclear

Apparently, removing the folder after installing the cumulative update doesn’t impact system functionality. One interesting fact, though, is that creating the folder before deploying the update triggers an error in the installation.

Why the latest Windows monthly security update creates an empty folder on receiving systems is still unknown. However, Microsoft recently updated CVE-2025-21204, a Windows Process Activation elevation of privilege vulnerability advisory, warning users not to delete it.

After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device. This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users.

Protecting your Windows PC against threats

Regularly updating your Windows PC is one of the most important steps in maintaining its security. However, dedicated security solutions like Bitdefender Ultimate Security can boost your cyber resilience even further.

It detects and deters viruses, worms, Trojans, zero-day exploits, ransomware, spyware, rootkits and other digital threats.

Key features include complete, real-time data protection, behavioral detection for active apps, network threat prevention, a vulnerability assessment module that checks your PC for outdated and vulnerable software, including missing Windows security patches, and AI-powered scam detection.