It’s no secret that updating your Windows PC often brings surprises, be it Microsoft’s AI assistant Copilot breaking or your Start menu changing without warning. This time, the April update snuck a mysterious folder onto everyone’s PCs.
That Random “inetpub” Windows Folder Is Part of a Security Fix
On April 8th, 2025, Microsoft rolled out thePatch Tuesday April 2025 updates, which included the KB5055523 (24H2) update for Windows 11. Just a day after it was released,Windows Latest(along with tons of Windows users, like those on thisReddit post) spotted a mysterious folder calledinetpubsuddenly appearing on the drive where Windows 11 is installed, typically the C: drive for most users.
While the folder is, ironically, empty and tasks up zero bytes of size on the system drive, waking up to a random folder on your PC would freak anyone out.
Theinetpubfolder is related to an optional Windows feature called InternetInformation Services (IIS), which is Microsoft’s web server software for developers and is created when a developer enables theIISfeature manually. To do so, one needs to go toTurn Windows feature on or offand explicitly install it. The folder typically contains web pages a developer might locally host on the PC, like for testing or internal tools, before pushing them live.
With the April update, though, it was automatically installed on everyone’s PC, even if they had theIISfeature disabled. While most people deleted the folder from their PC entirely when they noticed it,Windows Latest has now mentionedthat Microsoft confirmed to them theinetpubfolder wasn’t created by accident. It was intentionally added as part of the security patch.
These Apps Might Keep You From Getting the Windows 11 24H2 Update Right Away
You might not even realize you have some of these apps.
Though Windows 11 won’t stop you from deleting the folder (since it isn’t protected), you probably shouldn’t, since it’s linked to a security patch for a bug calledCVE-2025-21204, which allows attackers to modify system files or folders. While a random folder appearing on your PC isn’t the biggest deal, the real issue here was that Microsoft failed to mention it in the release notes.
Since everyone caught wind of it, Microsoft has now quietly updated thePatch Tuesday April 2025 Microsoft Support articleto clearly state that theinetpubfolder was, in fact, not a mistake and was created to patch the bug mentioned above (as spotted by Windows Latest):
After installing this update or a later Windows update, a new %systemdrive%\inetpub folder will be created on your device. This folder should not be deleted regardless of whether Internet Information Services (IIS) is enabled on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users. For more information, see CVE-2025-21204.
Now, we wouldn’t blame you if you deleted theinetpubfolder the second you spotted it, especially since Microsoft failed to explicitly mention it in its release notes. Nonetheless, since the company advises against deleting it, the smartest move might be to re-enable this folder. You can do this by enablingInternet Information Services,located in theTurn Windows Features on or offpanel.
Otherwise, you’re able to reinstall the April 2025 updates byuninstalling the current update, checking for updates again, and then reinstalling it. Otherwise, you could wait for the next cumulative update to arrive, which should bring the folder back too.
