A misconfiguration in the Windows Update caching service recently caused Windows devices to ignore administrative policies designed to block automatic driver updates. This glitch resulted in the temporary loss of device enrollment data, which led the update service to treat managed systems as unmanaged endpoints. Consequently, driver-approval controls were bypassed, allowing updates to install on tens of thousands of machines without authorization.

Source

Microsoft released a new TeamViewer remote assistance connector for Intune in April 2026, replacing the older integration available since 2016. The new connector requires TeamViewer Tensor or a compatible enterprise license with a Microsoft add-on, and it requires the remote device to be actively managed by TeamViewer, not just enrolled in Intune. This article explains what changed, what you need to configure the integration, and what the new connector cannot do.

Source

Admin Insights for Windows 365 is a feature, currently in public preview, that surfaces prioritized health and performance signals for your Cloud PCs directly in the Microsoft Intune admin center. Instead of hunting through separate reports, you see dynamically generated insight cards on a single overview page. The feature covers connectivity, provisioning, performance, and utilization issues. It requires Windows 365 Enterprise or Windows 365 Flex licensing and appropriate read permissions.

Source

Windows Autopatch in the Intune admin center now includes an updated Secure Boot status report that provides device-level visibility into certificate readiness ahead of the 2026 expiry deadline. The report shows which devices have Secure Boot enabled, whether their certificates are up to date, and whether automatic or manual deployment applies. New columns for trust configuration, confidence level, and alerts help you make targeted decisions instead of broad deployments.

Source

Microsoft has made Platform Single Sign-On (PSSO) during Automated Device Enrollment (ADE) generally available for macOS. The new EnableRegistrationDuringSetup setting in Microsoft Intune completes device registration and SSO configuration automatically during Setup Assistant — the initial macOS setup wizard — before the user ever reaches the desktop. This article explains what PSSO is, why the new setting matters, what you need to configure it, and what limitations to expect.

Source

Parmi les nouveautés d'avril 2026 pour Intune : l'amélioration de l'inventaire d'applis Windows, l'authentification unique (SSO) pour Linux, mais pas seulement.

Le post Nouveautés Intune : SSO pour Linux, meilleur inventaire des applis sur Windows, etc… a été publié sur IT-Connect.

Microsoft Intune's April and May 2026 updates deliver three areas of practical change for administrators: richer and more frequent app inventory for Windows devices, a redesigned single sign-on (SSO) experience for Linux endpoints that replaces an aging authentication component, and automated enrollment support for Apple tvOS and visionOS devices in shared-use scenarios. Hotpatch updates — which apply security fixes without a restart — also become enabled by default for eligible Windows devices in May 2026.

Source

TeamViewer is a remote assistance solution that lets you remotely connect to and control Intune-managed Windows, macOS, Android, and iOS/iPadOS devices directly from the Intune admin center to support your users. Microsoft Intune's April 2026 update (service release 2604) introduces a redesigned TeamViewer connector for remote assistance. The new connector replaces the existing one with a simplified setup process and adds SSO (single sign-on) support, device group synchronization, and granular role-based permissions. If you still use the old connector, you have 12 months to migrate before it stops working. This article explains what changed, what you need, and how to configure the new connector.

Source

On April 1, Microsoft published a TechCommunity blog post explaining how Windows Update management in Intune differs from Configuration Manager (still widely known as SCCM). A Techzine author read the post as an announcement of upcoming changes and reported that "patch behavior is set to change significantly for Microsoft Intune." That framing is a human hallucination, as Microsoft's post does not announce any changes.

Source

Microsoft released the March 2026 updates for Intune, its cloud-based service for managing devices and apps across an organization. The most significant change is that hotpatch security updates—patches that apply without requiring a device restart—will become the default for eligible Windows 11 devices starting May 2026. On the Apple side, two notable additions arrive: a Recovery Lock for macOS and expanded support for Apple's modern device management framework. Improved push notifications and a managed installer change also streamline Windows device deployment.

Source

Windows Autopatch update readiness reached general availability, adding four capabilities to the Windows Autopatch blade in the Microsoft Intune admin center. The new features—management status report, quality update journey, alerts and remediations, and Update Readiness Checker—give IT teams proactive visibility into device readiness, update blockers, and remediation guidance across Intune-managed Windows fleets. All capabilities are included in the existing Windows Autopatch license at no additional cost. Windows Autopatch is available for customers with Windows Enterprise, Frontline, US Government, Education, and Business Premium SKUs.

Source

Microsoft Cloud PKI for Intune automates certificate management for enrolled devices, but you must manually handle the expiration of the certification authority (CA). When your Cloud PKI issuing CA approaches its expiration date, you need to create a new CA and update your SCEP certificate profiles to maintain uninterrupted service. This guide explains the expiration process, potential impacts, and the steps required to transition to a new issuing CA.

Source