Intune Newsletter - 10th October 2025
This weeks newsletter coming live from the AppManagEvent in Utrecht so if I’ve missed anything, I’ll blame that.
Make sure you check out the video content for the Tech Community Live events from Microsoft this week, they are well worth watching. Plenty of exciting community content as well.
Community Content
Whilst we aren’t at the point of the early 2000s browser toolbars, we are getting there with extensions and many just blindly click on these things. This post from Ben Whitmore looks at the risks and how to manage them with Intune
https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/
Copilot, Copilot, Copilot, it’s difficult to avoid it, but fortunately slightly easier to manage it as covered here by Jan Mulder
https://wolkenman.wordpress.com/2025/10/05/copilot-policies-for-microsoft-365-apps/
We now have two posts from Niall Brady and Paul Winstanley, starting with a useful remediation script to grab Health Check logs from your W365 machines
Some very exciting news, external identity is now in preview for Windows 365 so you can provide access for external contractors, consultants etc. Learn more in the second post from Niall and Paul
Dominiek Verham also looks at using external identities with Windows 365 in this in-depth post covering everything from configuring to the user experience
https://dominiekverham.com/assigning-a-windows-365-cloud-pc-to-external-identities/
If you are starting out your Zero Trust journey, learn how MDE and Intune work together to help in this post from Sucheta Gawade
M365 Companion Apps, coming to a machine near you soon (whether you like it or not). Many of you probably won’t, so learn how to block them here from Nicky De Westelinck
Entra now has a useful soft delete for CA policies and named location as covered in this post from Jan Bakker
NIS2 is often requested, but I find it a little vague compared to the likes of CIS. If you’re being asked to implement, Jeroen Burgerhout looks at which Microsoft products and licenses you’ll need to comply
https://www.burgerhout.org/navigating-nis2-quality-marks-with-microsoft-security-from-qm10-to-qm30/
You can now set IME as a managed installer, but scoped rather than to everyone. Learn more here from Peter van der Woude
Next, Anders Ahl looks at those pesky requirements for admin rights with a deep dive into EPM and Administrator Protection
Ewelina Paczkowska continues looking at all things Conditional Access, this time looking at some great, but underused items, custom security attributes and cross-tenant CA
I don’t see many people using vPro in their fleets which is a shame because it’s a very powerful tool. Fortunately it now integrates with Intune and Mads Johansen runs through how to configure it including some things to watch for
https://evil365.com/intune/IntelvProPortal-Intune-Integration/
There is currently an issue with Winget apps and disk space usage. If it’s causing you problems, grab this script from Nicklas Ahlberg
https://www.rockenroll.tech/2025/10/09/mitigate-it1168328/
If you are looking to be more pro-active, this script from Sander Rozemuller will help monitor free disk space on your devices
https://rozemuller.com/monitor-intune-managed-device-disk-space-with-powershell/
For those of you managing Office Scripts (or want to know more about them), they are being moved to the M365 Cloud Policy service. Learn more including what they do here from T-Bone Granheden
https://www.tbone.se/2025/10/09/heads-up-office-script-settings-are-moving-to-cloud-policy/
Video Content
Now onto the video content starting with an end-to-end look at deploying a machine with Autopilot from Nick Ross
With 25H2 now available, Steve Weiner looks at your options to both deploy it and block it here
Steve also runs through setting up Windows 365 for external users
Next, Manish Bangia demonstrates the different app options in Intune (be careful with M365 and LOB though)
With WMIC removed completely in 25H2, Dean Ellerby looks at your options when managing SCCM environments and using it within scripts
Now time for the Tech Community Live videos, all well worth watching. First up we have an AMA discussing Intune and Copilot featuring Joe Lurie, Julia Idaewor, Lavanya Lakshman and Ankur Goyal
The second (or third because I’ve decided not to display these in order) AMA covers endpoint management and in particular security policies with Mike Danoski, Laura Arrizza, Per Larson and Matt Call
Next, we look at cross platform management with Susan Taylor, Charlotte Christenson, Iris Yuning Ye and Neil Johnson
Finally (or technically the first video), an AMA with the Intune product leaders with Matt Call, Maayan Bar-Niv and Jason Roszak
Microsoft Content
Now for this weeks Microsoft content, starting with a look at all of the exciting features in Advanced Analytics from Janusz Gal
That’s all for this week, have a great weekend!