security research

Microsoft’s recent April 2025 patch cycle for Windows 10 and Windows 11 has sparked a wave of both intrigue and concern across the IT community due to the unexpected appearance of the “inetpub” folder on users’ system drives, usually the C: drive. This folder, historically associated with...

Microsoft's April 2025 cumulative Windows update, notably identified as KB5055523 for Windows 11 24H2, has stirred significant discussion in the tech community due to an unexpected and somewhat mysterious change: the automatic creation of an empty folder named "inetpub" on the system drive...

Microsoft's recent April 2025 patch for Windows introduced a curious and controversial change that has IT administrators and security experts buzzing—a mysterious "inetpub" folder appearing by default on systems, including those not using Internet Information Services (IIS). Far from a mere...

Microsoft's recent April 2025 Patch Tuesday update for Windows 11—specifically update KB5055523—introduced an unexpected yet purposeful change that has stirred curiosity and concern among users and IT professionals alike: the mysterious creation of an empty folder named inetpub on the system...

The inetpub folder has recently become the center of an intriguing and somewhat ironic security controversy in Windows 11, particularly after the April 2025 cumulative update. This seemingly innocuous and empty system folder, traditionally associated with Microsoft's Internet Information...

Here is a summary of the issue described in the article from The Register: In April 2025, Microsoft quietly reintroduced the c:\inetpub folder to Windows systems as a mitigation for CVE-2025-21204, an elevation-of-privileges flaw within Windows Process Activation. Instead of patching the code...

Microsoft’s Mystery inetpub Folder: When the Fix Becomes a Flaw At the heart of the latest chapter in Windows patching is a familiar folder with an unfamiliar twist—c:\inetpub. The recent kerfuffle that has swept Windows administrators into a maelstrom of head-scratching and risk analysis...

Microsoft’s bounty program just got a major upgrade, and if you’ve ever fancied yourself an AI bug-hunting bounty hunter, now might be the time to dust off your digital magnifying glass—and maybe start practicing how you'll spend a cool $30,000. Yes, you read that right: Microsoft is dangling...

Tucked away among the countless cryptic folders of a typical Windows 11 installation lies a new arrival – the now-infamous ‘inetpub’ directory, a seemingly innocuous feature rolled out with the April 2025 security update. But if Windows update history is anything to go by, “innocuous” is just a...

Windows users stared at their C: drives in dismay after April 2025’s Patch Tuesday, only to find a mysterious, empty new folder named “inetpub” lurking at the root of their systems—like some digital tumbleweed blown in by a particularly secretive Microsoft update. The Folder That Raised...

Let’s banish the illusion right away—no, your computer hasn’t suddenly morphed into a cheese grater with 587 holes because of last year’s Windows vulnerabilities tally. But if you’re feeling a draft, it might just be a breeze of cybersecurity news blowing through your inbox, because 2024 was a...

Bypassing Windows Defender Application Control (WDAC) might sound like something reserved for blockbuster spy movies, but in today’s threat landscape, it’s a real, high-stakes game played by red teams and security researchers alike. At the heart of this article is the in-depth exploration of...

Microsoft’s Request for a Video POC: A Rigid Process Under Scrutiny A recent incident has spotlighted a curious practice at the Microsoft Security Response Center (MSRC) that may be prompting questions about the balance between thoroughness and red tape in vulnerability disclosure. Senior...

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Link Removed program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in...

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...

This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...

Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...

I’m very happy to announce another addition to the Link Removed. Microsoft will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds. This bounty continues our partnership with the security research community in working to secure our...

I am very pleased to be releasing additional expansions of the Link Removed. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit Link Removed. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am...