Intune policies Archives

Winsage

July 29, 2025

Microsoft explains how organizations can use Intune to upgrade from Windows 10 to Windows 11

Windows 10 is approaching its end of life, and organizations can purchase Extended Security Updates (ESU), though this may not be financially viable for all. Microsoft has released a guide to assist companies in upgrading from Windows 10 to Windows 11 via Intune. The guide is intended for domain-joined or co-joined Windows 10 PCs and emphasizes the need for hardware compatibility, specifically TPM 2.0. Organizations should use Microsoft Configuration Manager or Endpoint Analytics to verify hardware requirements and ensure devices are updated to version 22H2. IT administrators are advised to synchronize identities from Active Directory to Entra ID, configure hybrid join, and prepare the Intune environment with necessary licenses and roles. They should also streamline Group Policy Objects, establish Intune configuration profiles, and use Windows Autopatch for updates. Applications must be migrated from Configuration Manager to Intune for management, and outdated deployments should be decommissioned. The final migration step involves transitioning to an Entra ID-joined configuration. This process aims to enhance management, security, user experience, and reduce reliance on legacy infrastructure.

Winsage

June 30, 2025

Microsoft warns of Windows update delays due to wrong timestamp

Microsoft has acknowledged a delay in the delivery of the June 2025 Windows security updates due to an incorrect metadata timestamp affecting Windows 10 and Windows 11 systems under quality update deferral policies. The update was released on June 10, 2025, but the timestamp shows June 20, 2025, which may cause devices with deferral settings to receive the update later than expected. Microsoft has provided temporary workarounds for administrators, including creating an expedited deployment policy to bypass deferral settings. The delay only affects the timing of update availability for organizations using these policies and does not impact the quality or applicability of the update. Microsoft will not change the metadata timestamp and has confirmed that the provided workaround is the definitive resolution.

Winsage

June 24, 2025

Microsoft fixes known issue that breaks Windows 11 updates

Microsoft is releasing a configuration update, KB5062324, to fix Windows Update failures on certain Windows 11 systems running version 24H2 that have not installed the May Windows non-security preview update or later. This update addresses an issue causing the Windows update scan to stop responding, with a permanent solution available in the May update (KB5058499) and later versions. Users can install KB5062324 by enabling 'Get the latest updates as soon as they're available' in Settings > Windows Update, followed by a system restart and checking for updates. The update is being rolled out gradually, so users may need to try multiple times to receive it. Recently, Microsoft also addressed a bug related to feature updates and acknowledged issues with unintended upgrades to Windows Server 2025 on certain devices. The company aims to unify the updating process for all software on PCs through a new orchestration platform.

Winsage

June 2, 2025

Microsoft ships emergency patch to fix Windows 11 installation issues

Microsoft has addressed a significant issue affecting certain Windows 11 systems after the installation of the KB5058405 security update from May 2025. Users reported encountering 0xc0000098 recovery errors linked to ACPI.sys, indicating that the operating system could not be loaded. This problem primarily affects Windows 11 versions 22H2 and 23H2 in enterprise settings, particularly among Azure Virtual Machines, Azure Virtual Desktop, and on-premises virtual machines hosted on platforms like Citrix or Hyper-V. Microsoft has released the KB5062170 non-security out-of-band update to resolve the installation and boot problems, which can be manually installed from the Microsoft Update Catalog. For Azure customers facing difficulties after implementing the May 2025 update, Microsoft recommends using Azure Virtual Machine repair commands as a temporary workaround. Users of Windows Home or Pro editions in home environments are unlikely to encounter these issues.

Winsage

May 29, 2025

Microsoft: Windows 11 might fail to start after installing KB5058405

Microsoft has acknowledged that some Windows 11 systems may experience startup failures after installing the KB5058405 cumulative update, resulting in a 0xc0000098 recovery error related to ACPI.sys. This issue affects Windows 11 versions 22H2 and 23H2, particularly in enterprise settings like Azure Virtual Machines and on-premises virtual machines. Home users are less likely to encounter these problems. Microsoft is investigating the issue and will provide updates.

Winsage

May 13, 2025

Windows 11 upgrade block lifted after Safe Exam Browser fix

Microsoft has lifted an upgrade block that prevented certain users of the Safe Exam Browser from installing the Windows 11 2024 Update due to compatibility concerns. The block was initially implemented in September to protect users from issues with Safe Exam Browser version 3.7 or earlier. Users are encouraged to upgrade to Safe Exam Browser version 3.8 or later before proceeding with the Windows 11 24H2 update. If users still encounter the safeguard hold after 48 hours of updating, they should contact Safe Exam Browser Support. The Windows 11 24H2 feature update is now available for all compatible PCs, except those under safeguard holds. Microsoft has resolved issues that previously blocked the update for some users and has removed other compatibility holds for specific devices and applications. However, some upgrade blocks remain due to incompatible hardware and software. Windows 11 24H2 began its rollout in May 2024 for enterprise testing, with a broader release in October.

Winsage

May 6, 2025

Microsoft pushes fix for Windows 11 update 0x80240069 errors

Microsoft has resolved an issue that affected the delivery of Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) after the installation of the April 2025 security updates. Users reported upgrade problems, specifically encountering error code 0x80240069 during attempts to update from Windows 11 23H2 or 22H2. The update complications primarily impact enterprise environments using WSUS, while home users are less likely to experience these issues. Microsoft is rolling out a fix through Known Issue Rollback (KIR) for enterprise-managed devices, requiring IT administrators to implement the KIR Group Policy on affected endpoints. Additionally, Microsoft is addressing a separate issue where some PCs were upgraded to Windows 11 despite Intune policies preventing such upgrades.

Winsage

April 30, 2025

Microsoft: Windows 11 24H2 updates fail with 0x80240069 errors

Microsoft has acknowledged a significant issue affecting enterprise users trying to upgrade to Windows 11 24H2 via Windows Server Update Services (WSUS) after installing the April 2025 security updates, specifically the monthly security update KB5055528. Users with Windows 11 23H2 or 22H2 are encountering Windows Update Service errors with the code 0x80240069, preventing the download process for Windows 11 24H2 from initiating or completing. Microsoft confirmed that devices with the April security update might be unable to update via WSUS. WSUS, primarily used in enterprise settings, has been deprecated as of September 2024, but Microsoft will continue to support existing functionalities. Additionally, Microsoft is addressing a "latent code issue" that has caused some devices to upgrade to Windows 11 despite Intune policies against such upgrades.

Winsage

April 16, 2025

Microsoft: Some devices offered Windows 11 upgrades despite Intune blocks

Microsoft is addressing an issue where some Windows devices are prompted to upgrade to Windows 11 despite Intune policies preventing such upgrades, a problem attributed to a "latent code issue" since April 12. A targeted code fix is being deployed, and users are advised to pause Windows feature updates via Intune until the resolution is fully rolled out. Users who upgraded to Windows 11 inadvertently will need to manually revert to their previous version. Additionally, in November 2024, certain Windows Server 2019 and 2022 devices were upgraded to Windows Server 2025 without user consent, and Microsoft acknowledged the problem but did not provide guidance on reverting these upgrades. Microsoft has also resolved an issue with prompts for upgrading to Windows Server 2025, clarifying that notifications were intended only for those seeking in-place upgrades.