When you install a fresh, clean copy of Windows – say, if you're switching to the LTSC edition – Ninite is here to kickstart provisioning the new OS.

Ninite is a very simple, but very clever, tool that automates the process of installing a user-configured suite of apps and runtimes onto Windows. Not only will it help you get up and running as quickly and easily as possible, but if you keep the tiny custom installer, you can re-run it later and it will update everything it originally installed to the latest version. //

If you're also missing some important device drivers, Snappy Driver Installer Origin can help you there, as we have described previously. With LTSC there's much less need for O&O AppBuster but O&O ShutUp10++ makes it trivially easy to turn off most Microsoft telemetry.

The folder, typically c:\inetpub, reappeared on Windows systems in April as part of Microsoft's mitigation for CVE-2025-21204, an exploitable elevation-of-privileges flaw within Windows Process Activation. Rather than patching code directly, Redmond simply pre-created the folder to block a symlink attack path. //

For at least one security researcher, in this case Kevin Beaumont, the fix also presented an opportunity to hunt for more vulnerabilities. After poking around, he discovered that the workaround introduced a new flaw of its own, triggered using the mklink command with the /j parameter.

It's a simple enough function. According to Microsoft's documentation, mklink "creates a directory or file symbolic or hard link." And with the /j flag, it creates a directory junction - a type of filesystem redirect.

Beaumont demonstrated this by running: "mklink /j c:\inetpub c:\windows\system32\notepad.exe." This turned the c:\inetpub folder - precreated in Microsoft's April 2025 update to block symlink abuse - into a redirect to a system executable. When Windows Update tried to interact with the folder, it hit the wrong target, errored out, and rolled everything back.

"So you just go without security updates," he noted.