Latest Microsoft Intune Updates Streamline Admin Workflows and Boost Security

Microsoft has rolled out several new capabilities to enhance device security and management during the months of November and December. These improvements focus on streamlining administrative workflows and strengthening privacy controls across multiple platforms.

Consolidated admin workflows

Microsoft has introduced a new Admin tasks section in public preview within the Microsoft Intune admin center. It provides a unified view that consolidates various management requests, such as Endpoint Privilege Management (EPM) file elevation requests, Defender for Endpoint security tasks, and Multi-Admin Approval requests.

“Until now, administrators with permission to review Endpoint Privilege Management elevation requests could see every request across the organization, regardless of their assigned scope. Scope tag enforcement enhances role-based access control for this highly valued capability, aligning EPM with Zero Trust by ensuring that admins only access the elevation requests required for their role. This reduces unnecessary visibility into devices and users outside their remit and lowers the risk of accidental or inappropriate actions,” Microsoft explained.

Android enterprise enhancements

Microsoft has rolled out new updates to the Managed Home Screen to enhance the user experience on frontline Android devices. This release brings a new offline mode and support for launching apps without user sign-in. Moreover, Microsoft has added enhanced volume controls that allow more granular adjustments for calls, ringtones, notifications, alarms, and media. The new “Reset to Basic” mode is also designed to revert to the default “all approved apps visible” experience, without requiring support tickets or manual collection rebuilds.

Additionally, the latest Microsoft Intune release introduces enhanced precision in applying settings and tightened privacy controls. The Intune Settings Catalog now includes Android-specific controls to strengthen work profile security. These updates block AI assistants from capturing sensitive data, restrict Bluetooth contact sharing, and introduce advanced password policies like expiration, reuse history, and device wipe on repeated failures.

Enrollment experience design updates on macOS and iOS

Administrators can now customize Setup Assistant screens during automated device enrollment (ADE) for iOS/iPadOS and macOS. For instance, IT admins can configure a policy to show App Store and camera configuration on some devices, and hide privacy settings on others.

Last but not least, Microsoft has added support for Windows Autopilot device preparation in automatic mode in public preview for Windows 365 Enterprise, Windows 365 Frontline dedicated mode, and Windows 365 Cloud Apps. This feature enables IT administrators to include device preparation policies as part of their Cloud PC provisioning process. It should help streamline the Cloud PC provisioning process, enhance the end-user experience, and eliminate the need for custom images.

In 2026, Microsoft plans to introduce more advanced Intune features within Microsoft 365 E3 and E5. This expansion will make the Microsoft Intune Suite’s solutions accessible to a broader range of customers.