Microsoft Intune – Wochenupdate KW 19 (04.05.2026)

In der vergangenen Woche wurden 15 Neuerungen in Microsoft Intune eingeführt, die Windows und Android und Apple-Geräte betreffen. Daneben gibt es 2 neue Funktionen in der Public Preview. Diese Updates stärken die Sicherheitslage und verbessern die Benutzererfahrung in Unternehmen. #MicrosoftIntune #Windows #Android #AppleGeräte #PublicPreview #Geräteverwaltung #ITManagement #KaffeeUndCode

Plattformübergreifend:

• Expanded support for Endpoint Privilege Management support approved elevation requests: Intune’s Endpoint Privilege Management (EPM) now supports support approved elevation requests from all users of a device. This update expands the utility of support approved file elevations and helps to improve scenarios that involve shared devices.
• Support for Ubuntu 26.04 LTS: Microsoft Intune now supports Ubuntu 26. 04 LTS.
• Preview the new device page in the Intune admin center (Public Preview): In the Intune admin center, when you go to Devices > All Devices and select a device, you can see device-specific info, like device properties. This page is redesigned and is available for you to preview.
• Updated security baseline for Microsoft Edge v139: Microsoft Edge version 139 security baseline is now available in Microsoft Intune. This baseline reflects current Microsoft security recommendations for the Microsoft Edge browser and is the latest available Edge security baseline in Intune.
• Newly available protected apps for Intune: The following protected apps are now available for Microsoft Intune: For more information about protected apps, see Microsoft Intune protected apps.
• Change Review Agent suggestions available inline in Multi Admin Approval (Public Preview): The Change Review Agent now provides risk-based recommendations directly in the Multi Admin Approval experience for Windows PowerShell scripts. On the My requests and All requests tabs, a new Agent Response column displays when a suggestion is available.

Windows:

• Updated minimum version for Intune Management Extension on Windows: Windows devices managed by Intune need to run Intune Management Extension version 1. 58.
• Autopatch update risk visibility report: The Autopatch update risk visibility report extends the security update status dashboard with granular insight into patch compliance and risk across your managed devices. It classifies devices as Current, Exposed, or Critical and highlights policies contributing to risk, so you can identify and remediate issues faster.
• Enhanced app inventory with faster data updates: Intune enhanced app inventory brings faster, more detailed visibility into the apps in your environment to support identification of outdated or risky software. Improved data freshness and richer app metadata provide clearer insight into installed applications, while new controls let you specify which devices are included in inventory collection.

Android:

• Configure credential manager permissions for Android Enterprise devices: You can now control which applications act as system-level credential providers on managed Android Enterprise devices running Android 14 and higher. Credential providers are responsible for password autofill and passkey storage.
• Block location setting for Android Enterprise can keep Location services enabled: On Android Enterprise devices, you can use the General > Block location in the settings catalog to disable the location services on the device and prevent users from turning it on. This setting is now called Location and has three options you can configure: For a list of all the settings you can configure, see Android Intune settings catalog settings list.
• New remote actions to suspend and restore Managed Home Screen on Android devices: Intune has two new remote actions that allow admins to temporarily suspend and restore Managed Home Screen (MHS) on Android devices. These actions let users exit MHS and access the device’s default launcher for a defined period, without removing policies or requiring a PIN.
• Direct Android line-of-business app management: You can now manage Android line-of-business (LOB) apps directly in Microsoft Intune without publishing them to Managed Google Play on Android Enterprise corporate-owned fully managed (COBO) and dedicated (COSU) devices. With direct LOB app management, admins can upload APK files directly to Intune and deploy required apps to supported Android Enterprise enrollment types using a native Intune workflow.

iOS/macOS:

• Access management for Apple services: You can now use Apple access management settings in Apple Business Manager and Apple School Manager to configure service access for Apple accounts on organization-owned devices. These controls let you choose what devices users can sign in to and which apps and services are available to them.
• Microsoft Intune supports userless ADE for visionOS and tvOS devices: Microsoft Intune has added support for userless Apple automated device enrollment (ADE) for visionOS and tvOS devices, enabling you to enroll and manage Apple Vision Pro and Apple TV through Apple Business Manager or Apple School Manager. This capability supports ADE without user affinity and includes custom configuration uploads for settings, default enrollment restrictions, and device actions.

Linux:

• Keine spezifischen Updates für Linux in dieser Woche.

Public Preview & Beta:

• Preview the new device page in the Intune admin center (Public Preview): In the Intune admin center, when you go to Devices > All Devices and select a device, you can see device-specific info, like device properties. This page is redesigned and is available for you to preview.
• Change Review Agent suggestions available inline in Multi Admin Approval (Public Preview): The Change Review Agent now provides risk-based recommendations directly in the Multi Admin Approval experience for Windows PowerShell scripts. On the My requests and All requests tabs, a new Agent Response column displays when a suggestion is available.

Fazit:

Die aktuellen Updates von Microsoft Intune verbessern die Effizienz und Sicherheit der Geräte- und Anwendungsverwaltung, insbesondere für Windows und Android und Apple-Geräte. IT-Administratoren können nun ihre Aufgaben effektiver und sicherer durchführen, was zu einer verbesserten Benutzererfahrung führt. #MicrosoftIntune #Windows #Android #AppleGeräte #PublicPreview #Geräteverwaltung #ITManagement #KaffeeUndCode