Here is a summary of the issue described in the article from The Register:
In April 2025, Microsoft quietly reintroduced the c:\inetpub folder to Windows systems as a mitigation for CVE-2025-21204, an elevation-of-privileges flaw within Windows Process Activation. Instead of patching the code...
cve-2025-21204
cybersecurity
directory junctions
elevation of privileges
filesystemattacks
it security
microsoft patch
microsoft vulnerability
privilege escalation
security flaws
security research
symlink attacks
sysadmin risks
system integrity
system security
vulnerability disclosure
windows patch
windows security
windows systems
windows update
