Nom de domaine

A big hello to all the Galériens under Windows!

Ah and hey, nothing to do, but have you noticed that since the last security update KB5055523there was an empty file named “Inetpub”Present on your system reader (%Systemdrive%)?

Many people have advised in recent days, to simply delete it because it is traditionally associated with the Internet Information Services (IIS), the Microsoft web server, and that absolutely no one needs a Microsoft web server in their life.

But wait a bit!

Obviously, it should not be deleted because this stupid file would actually be the computer equivalent of the Captain America & Mldr shield; Not very impressive at first glance, but super effective to protect you from attacks by awful cybercriminals.

But how is it possible ???

Well, this apparently useless dossier is part of a safety correction against a vulnerability identified under the sweet name of CVE-2025-21204. Microsoft has updated its support document to specify that this folder is crucial, whether or not you are activated on your machine.

Concretely, we are dealing with what is called a “Link Following FLAW”. This vulnerability occurs when a Windows program tries to access a file by name, but does not check properly if this name points to a symbolic link (a kind of advanced shortcut) which would redirect to an unauthorized resource.

In the case of this vulnerability, an attacker already present on your system could use this mechanism to manipulate system files with privileges NT Authority \ System (the highest level of permission under Windows), giving it almost total control on your machine.

So how can an empty folder protect us?

This is all the ingenuity of the corrective: Microsoft created this “Inetpub” folder with Special permissions At the System level in reading alone. Its simple presence prevents attackers from creating their own malicious version for this precise location, thus blocking the attack vector.

In technical terms, this file acts as an “security anchor” – its presence with strict permissions prevents theElevation of privileges that the attackers could try via the mechanism for monitoring links on which I have just brief you.

In short, do not delete this Inetpub file otherwise the misfortune will fall on you, and your descendants. And rest assured, this file almost does not take up a space on your disc (a few bytes), so as much to leave it quiet to meditate in its corner.

Now, what if you have already shot it?

Well here is a small, restoration tutorial from the Inetpub file:

  • Open the configuration panel in icons display mode
  • Select “Programs and features”
  • Click on “Activate or deactivate Windows features” (on the left side)
  • Check the “Internet Information Services” box
  • Click on OK and let Windows Apply changes
  • Check that the InetPub folder is reappeared on your system player
  • You can then deactivate iis if you do not use it (no one uses it anyway)

A good hearing & mldr;

Source


Source link

Categorized in:

Technology