Recently, Microsoft released a new PowerShell script for Windows 10/11 to help users recover the inetpub folder that was previously deleted by mistake.
In April of this year, many users found that an empty folder named “inetpub” appeared in the root directory of the system C drive after installing the KB5055523 cumulative update.
The “inetpub” folder is usually associated with IIS and is used to host websites or applications on Windows 11, but in this update, it is automatically created even if the user does not have IIS enabled.
Microsoft confirmed that this folder is part of the April patch and is related to the fix for the CVE-2025-21204 elevation of privilege security vulnerability.
For users who have deleted the “inetpub” folder, Microsoft officially provides two recovery options, one is to enable the IIS service, but this will create additional folders, which is not friendly to non-developer users.
The other is to use the latest published PowerShell script to rebuild the folder without IIS enabled, i.e. run PowerShell with administrator privileges and run Install-Script -Name Set-InetpubFolderAcl.
“For systems that have installed KB5055528 but deleted the %systemroot%\inetpub directory, an immediate fix is required,” Microsoft said. If you delete the inetpub directory, you need to run the repair script Set-InetpubFolderAcl.ps1″.
The main functions of this script include: if it has been deleted, it will recreate the inetpub directory;
Ensure that directory permissions are properly configured to prevent unauthorized access and potential vulnerabilities related to CVE-2025-21204;
If it exists, update the ACL of the DeviceHealthAttestation directory.
发表回复