Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Screenshot of current https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204 FAQ item added: Does installing the Windows security updates that address this CVE cause visible change on devices? After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device. This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users.

Download link

Screenshot of current https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204 FAQ item added: Does installing the Windows security updates that address this CVE cause visible change on devices? After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%\inetpub folder will be created on your device. This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of changes that increase protection and does not require any action from IT admins and end users.
https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/319/276/345/443/373/original/42bf117e3da87c7a.png

Notices where this attachment appears

Embed this notice
Will Dormann (wdormann@infosec.exchange)'s status on Thursday, 17-Apr-2025 22:53:56 JST Will Dormann
in reply to
So, apparently this is the "fix" for CVE-2025-21204. Microsoft recently updated their advisory to say what the update does.
Prior to everybody freaking out, the advisory for CVE-2025-21204 said nothing about what it does.
Two gripes:
1. MSRC publishing content-free advisories has consequences, but they never seem to appreciate this.
2. I told MSRC YEARS AGO that they can avoid an entire class of LPE vulnerabilities in 3rd-party software and their own software by not allowing non-admin users to be able to create directories off of C:\. They refused to make any change because it might "break things".
Great job, folks.
In conversation about 7 days ago from infosec.exchange permalink