ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.4K
active users

faebudo

@GossiTheDog @wdormann @FritzAdalis @jernej__s Yes it opens a new one. But does the created folder by the update still allow a user to create files in C:\inetpub or are the permissions locked down to administrators?

@faebudo @GossiTheDog @wdormann @FritzAdalis @jernej__s
Users can RX, not write.

But, unless there's an admin permissions pop-up, a user with admin can copy/paste commands to download vulnerable crap into this folder anyway.

There are still too many users who have admin, especially in home, school, and small business environments.

@GossiTheDog @wdormann @FritzAdalis @jernej__s
So the update fixes CVE-2025-21204 by updating folder permissions for C:\inetpub even if it was created by a user beforehand. Also a normal user can't create files in C:\ only folders.

windowslatest.com/2025/04/11/w

Users that already deleted the folder should temporarily install IIS to create the folder again with correct permissions.

Edit: as @GossiTheDog points out the acl updating breaks for junctions (which a normal user can create but where setting the permissions does not update the target permissions) and stops the update from applying.

Windows Latest · Windows 11: Microsoft warns do not delete inetpub folder after causing confusionMicrosoft has warned that users must not delete “inetpub” folder on Windows 11 after the April 2025 Update created it. This folder was initially assumed to be a bug in Windows 11 KB5055523 and other April 2025 cumulative updates, including Windows 10. It turns out it’s an intentional change, but Microsoft forgot to document it—until […]