Introduction

As we move into November 2024, Microsoft Intune continues to evolve, bringing new features and enhancements to improve endpoint management and security. This article provides an overview of the latest developments in Microsoft Intune, highlighting key updates and what they mean for IT administrators and organizations.

Key Developments in Microsoft Intune

1. Enhanced Endpoint Privilege Management

  • Copilot Integration: Microsoft Intune is integrating Copilot with Endpoint Privilege Manager (EPM) to help identify potential elevation risks. This feature uses information from Microsoft Defender to evaluate EPM elevation requests, providing insights into potential indicators of compromise. To learn more about how you can use Copilot in Intune, see Microsoft Copilot in Intune.
  • File Argument and Parameter Support: EPM will soon support file elevation rules that include arguments or parameters. This enhancement improves control over the context in which files are elevated, blocking any arguments or parameters that are not explicitly allowed. EPM is available as an Intune Suite add-on capability.

2. Advanced App Management

  • Detailed Reporting for LOB Apps on AOSP Devices: Intune will provide additional reporting details for Line of Business (LOB) apps on Android Open Source Project (AOSP) devices. This includes error codes and detailed error messages, helping administrators better understand and resolve installation issues.
  • iOS/iPadOS App Widget Protection: To protect organizational data, Intune app protection policies will now block data sync from policy-managed app data to app widgets on iOS/iPadOS devices. This prevents sensitive information from being exposed on device lock screens.

3. Device Configuration Enhancements

  • DFCI Support for Samsung Devices: Intune is adding support for Device Firmware Configuration Interface (DFCI) profiles to manage UEFI (BIOS) settings on Samsung devices running Windows 10 or Windows 11. This allows for better control over device firmware settings directly from the Intune admin center. You can manage DFCI profiles by going to Devices > Manage devices > Configuration > Create > New policy > Windows 10 and later for platform > Templates > Device Firmware Configuration Interface for profile type.
  • New Settings for Windows 24H2: The Settings Catalog in Intune will include new settings for Windows 24H2, providing administrators with more options to configure and manage Windows devices. You can view these Windows settings in the Microsoft Intune admin center by going to Devices > Manage devices > Configuration > Create > New policy > Windows 10 and later for platform > Settings catalog for profile type.

4. Improved Device Management

  • macOS Certificate Management: Administrators will soon have the option to store macOS certificates in the user keychain, enhancing system security and reducing certificate prompts for users.
  • Device Inventory for Windows: Intune will offer enhanced device inventory capabilities, allowing administrators to collect and view additional hardware properties from managed devices. This helps in making informed business decisions based on comprehensive device data.

5. Enhanced Security Features

  • Linux Support for EDR Exclusion Settings: Intune is adding a new Endpoint Security template for Linux, supporting exclusion settings for Endpoint Detection and Response (EDR). This allows administrators to define exclusions for antivirus and EDR engines, reducing unnecessary alerts and improving system performance.
  • Microsoft Tunnel Readiness Check: The Microsoft Tunnel readiness tool will now detect if the auditd package for Linux System Auditing (LSA) is installed on your Linux Server. This check helps ensure that auditing is in place, enhancing security monitoring capabilities.

Source: https://learn.microsoft.com/en-us/mem/intune/fundamentals/in-development

 

Paul Cobben