Here is a summary of the issue described in the article from The Register:
In April 2025, Microsoft quietly reintroduced the c:\inetpub folder to Windows systems as a mitigation for CVE-2025-21204, an elevation-of-privileges flaw within Windows Process Activation. Instead of patching the code...
cve-2025-21204
cybersecurity
directory junctions
elevation of privileges
file system attacks
it security
microsoft patch
microsoft vulnerability
privilege escalation
security flaws
security research
symlink attacks
sysadminrisks
system integrity
system security
vulnerability disclosure
windows patch
windows security
windows systems
windows update
