The July 2023 update (2307) of Microsoft Intune introduces significant enhancements to boost productivity and manage more sophisticated use cases. Firstly, users can now uninstall Windows apps from the Intune Company Portal themselves, eliminating the need for help desk assistance. This functionality is currently being rolled out and should be fully operational in a week or two.

Previously, standard users were unable to remove applications they had installed from the Company Portal without admin rights, which demanded support and consumed help desk resources. Now, users can opt to uninstall Win32 and Microsoft Store apps that they installed on-demand in the Company Portal, given that the app was marked as available.

For Microsoft Store apps, the uninstall option is always available. However, for Win32 app users, admins can choose to activate or deactivate it, with the default setting being off.

Additionally, the update broadens the array of apps that can be installed on macOS through a new PKG installer workflow employing the Intune agent. This reduces IT overhead and enhances the Intune onboarding process for Mac.

In the past, installing many standard security apps such as VPNs or antivirus software on Macs using the Intune line-of-business app workflow was not feasible. Admins had to resort to scripting for deployment, which did not provide comprehensive app reporting. The new flow accommodates deploying PKG apps that are unsigned, maintain a hierarchical structure in the installer, or are component or payload-free PKGs.

The July 2023 update also previews a new unified approach to managing endpoint security settings across Windows, macOS, and Linux. This approach hastens response times, provides a single-portal experience, and negates the need for separate management tools. It enables better coordination and transparency between IT and security teams, ultimately improving organizational security.

For enterprises utilizing Microsoft Intune as a comprehensive management suite, the new native security settings management functionalities in Defender for Endpoint are incorporated into Microsoft Intune’s admin experience. This integration lets IT and security teams apply security policies to devices from both Defender and Intune admin centers. Consequently, data synchronizes seamlessly between both products, serving as a single reference point for IT and security teams, and preventing miscommunication and security breaches.

Lastly, the new capability simplifies the onboarding process by waiving the need for all devices to be entirely registered with Azure AD, which is used to inhibit customers from applying security management capabilities. Now all pertinent devices can be managed instantaneously.