When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

IT admins can now configure expedited quality and feature Windows updates via Intune

Neowin · · Hot! with 0 comments

A couple of months ago, we learned that Microsoft is working on a solution that will allow IT admins to configure how quickly Windows updates are delivered across an organization. Today, this implementation leveraging Windows Update for Business (WUfB) and Microsoft Intune is generally available.

Windows Update

There are two distinct new capabilities now available in Intune. The first is the configuration of feature updates, which as the name implies, allows IT admins to create policies that control which Windows feature update is delivered to devices. Until IT admins assign a newer Windows version in this section, devices will stay on the version they defined in their policy.

Some other useful settings you can configure is whether you want the update to become available immediately, on a specified date, or through a phased rollout. The final option also allows you to choose when the first and last groups will receive the update and the gap in days between them.

The second capability hitting general availability is expedited quality updates. This is very useful in the context of immediately deploying updates to fix patch zero-day vulnerabilities. There are a couple of settings that you need to be mindful of here. One allows you to choose the minimum OS version all devices should be on, while the other empowers you to decide how long a device can delay the update before a restart is enforced. The available options include 0, 1, and 2 days. The first option should be used with caution though since it gives users only a 15-minutes heads-up after downloading the update before forcefully installing it via a restart.

Finally, you can also view reports for the deliveries of both feature updates and expedited quality updates. These are available under the Reports > Windows updates section on Microsoft Endpoint Manager admin center. They will display alerts, information at a device granularity level, and overall results. If you're unsure about the policies to configure for update deployments, check out Microsoft's recommended practices here.

Report a problem with article
John Carmack on a light brown background with a Meta logo next to it
Next Article

Oculus Consulting CTO John Carmack resigns from Meta citing lack of influence and agility

Patch Tuesday promo image
Previous Article

Microsoft confirms it has fixed Direct Access connection issues on Windows 11, Windows 10

Join the conversation!

Login or Sign Up to read and post a comment.

0 Comments - Add comment