Let’s discuss the 2404 Microsoft Intune New Features April Update. Microsoft Intune 2404 version introduces several new features to enhance device management and security.
Microsoft is constantly working to improve its device management tool. They release updates almost every week. These updates make things more secure and smoother. The new features help people do more and make it easier for users and admins to solve problems.
Microsoft Intune receives updates every month, but it takes time for everyone to get them. Some features might take a few weeks to roll out completely, so not everyone gets everything immediately.
In this post, you’ll find all the details about Microsoft Intune’s April Update, version 2404. Microsoft releases three or four updates each month to improve Intune. These updates bring new features and improvements to help manage devices more effectively.
- 2403 Microsoft Intune New Features March Update
- Microsoft Intune 2402 New Features February Update
- Microsoft Intune Extends Support To Android 10 And Later From October 2024
- Use Power Automate To Import Autopilot Devices Hash Via Email For Intune Engineers
What Does April Update for Microsoft Intune Version 2404 Bring?
The April update for Microsoft Intune version 2404 introduces several new features to enhance device management and security.
What New Capabilities are Available for macOS Devices with Intune Update?
Administrators can now enjoy complete control of macOS devices through Remote Help support, allowing for efficient troubleshooting and assistance.
2404 Microsoft Intune New Features April Update
With the latest April update for Microsoft Intune (version 2404), administrators gain access to additional tools and functionalities to manage better and secure their organization’s devices.
The 2404 update offers a range of improvements to simplify device management workflows and bolster security measures, whether deploying new policies, enhancing security configurations, or improving troubleshooting capabilities.
Upgrade from Xamarin to .NET – .NET MAUI | Microsoft Learn
Xamarin Migration to .NET MAUI
Xamarin.Forms, which were used to build mobile apps for different devices, have changed. Now, it’s called .NET Multi-platform App UI (MAUI). This change brings better features and makes developing apps easier. If you already use Xamarin, it’s a good idea to switch to .NET MAUI. This switch will give your apps more power and make it easier for you to build them.
As of May 1, 2024, Microsoft officially ended support for all Xamarin SDKs, including Xamarin Forms and Intune App SDK Xamarin Bindings. Developers are encouraged to transition to .NET MAUI for ongoing support and future enhancements.
Auto Update with Win32 App Supersedence
Under App management, there is one important update, which is Auto Update with Win32 App Supersedence.
Win32 app supersedence now offers the functionality to update apps deployed as available automatically. This feature enables the easy transition from one version of an app to another without requiring manual intervention from users or administrators.
The auto-update feature for available app supersedence is a toggle option under the Available assignment in the Assignments tab. It provides administrators with greater control and efficiency in managing app deployments.
Read more – Maximum Size Cap for Intune Win32 App is Increased Now
Error Message for Exceeding 500 KB in OEMConfig Policy on Android Enterprise Devices
Administrators can utilize an OEMConfig device configuration profile to incorporate, generate, and use OEM-specific settings when configuring Android Enterprise devices. If an OEMConfig policy surpasses 500 KB in size, administrators will encounter the following error message within the Intune admin center.
In the past, OEMConfig policies exceeding the 500 KB limit were displayed as pending. However, administrators are now alerted to an error message instructing them to adjust the profile settings to decrease their size.
Read more – Intune Supports Zebra OEMConfig App for Android Enterprise 11+ Devices
“Profile is larger than 500KB. Adjust profile settings to decrease the size.”
New Settings in macOS Settings Catalog
Exciting news! Additional settings are now available in the macOS Settings Catalog. To explore these latest options, navigate to Devices > Configuration > Create > macOS for platform > Settings catalog for profile type in the Microsoft Intune admin center.
The Settings Catalog lists all the settings you can change in a device policy. It’s beneficial because everything is in one place, making it easy to find what you need.
| New Settings in macOS Settings Catalog | Features |
|---|---|
| Microsoft AutoUpdate (MAU) | Microsoft Teams (work or school) Microsoft Teams classic |
| Microsoft Defender > Features | Use Data Loss Prevention Use System Extensions |
Changes to Windows Firewall CSP for Processing Firewall Rules
Windows has updated how the Firewall Configuration Service Provider (CSP) handles firewall rules, moving away from processing rules in atomic blocks. Previously, the Windows Firewall CSP implemented firewall rule settings from Intune endpoint security Firewall policies in atomic blocks.
However, with the recent change in CSP behavior, firewall rules are now enforced in an all-or-nothing manner from each atomic block of rules. All rules within a block will be applied together, ensuring consistent and comprehensive application of firewall policies on devices.
This updated behavior of the Firewall CSP applies to devices running the following Windows versions or later.
- Windows 11 21H2
- Windows 11 22H2
- Windows 10 21H2
| Previous CSP Behavior | Updated CSP Behavior |
|---|---|
| The CSP processed rules in an Atomic block one at a time. If any rule failed, subsequent rules weren’t applied. However, successfully applied rules remained active. | If any rule within an Atomic block fails to apply, all successfully applied rules from that block are rolled back. |
Microsoft Introduced CrowdStrike Falcon as a Mobile Threat Defense Partner with Intune
Microsoft introduced a new CrowdStrike Falcon feature as an integrated Mobile Threat Defense (MTD) partner with Intune. This integration enhances security by controlling mobile device access to corporate resources based on risk assessments within your compliance policies.
- With the Intune 2404 service release, the CrowdStrike connector is now available in the Intune admin center.
- However, it will not be operational until CrowdStrike publishes the required App Configuration profile details to support iOS and Android devices.
- This publication is expected sometime after the second week of May.
- Once available, you can configure and utilize the CrowdStrike connector to strengthen your mobile device security posture.
Read more – Microsoft Introduced CrowdStrike Falcon as a Mobile Threat Defense Partner with Intune
Microsoft Intune Newly Available Protected Apps
Microsoft Intune now offers some new protected apps. These apps are now protected and available for management through Microsoft Intune, which provides enhanced security and management capabilities for your organization’s mobile devices.
The following protected apps are now available for Microsoft Intune:
- Atom Edge by Arlanto Apps
- Asana: Work in one place by Asana, Inc.
- Freshservice for Intune by Freshworks, Inc.
- Kofax Power PDF Mobile by Tungsten Automation Corporation
- Remote Desktop by Microsoft Corporation
Windows Update Distribution Report in Intune
The Windows Update Distribution report available in Intune helps you to offer an overview detailing the number of devices at each quality update level and the percentage of coverage for each update across managed devices, including co-managed ones.
- This report helps administrators to delve deeper, providing further insights for each quality update.
- It aggregates devices based on the Windows 10/11 feature version and their update statuses.
- Moreover, administrators can access a detailed list of devices corresponding to the aggregated numbers showcased in the previous reports.
- This list can be exported for troubleshooting and analysis, complementing the Windows Update for Business reports for comprehensive management and optimization of update distribution.
Read more – Better Intune Monthly Patching Windows Update Distribution Report
Microsoft 365 Remote Application Diagnostics Supported by Intune
Intune administrators now have access to the M365 Remote Application Diagnostics feature, enabling them to request Intune app protection logs and, where applicable, logs for M365 applications directly from the Intune admin center.
You can easily access the feature within the Microsoft Intune admin center by navigating to Troubleshooting + support > Troubleshoot > select a user > Summary > App protection.
Read more – Intune App Protection Policies for Android iOS Devices
Complete Control of macOS Devices with Remote Help
With the latest update, Remote Help now offers support for helpdesk personnel to connect to a user’s device and request complete control of macOS devices. This enhancement enables more comprehensive troubleshooting and support for macOS users, allowing helpdesk teams to access and manage devices as needed remotely.
- Log in to the Microsoft Intune admin center.
- Go to Devices > All devices.
- Choose the macOS device on which assistance is needed.
- Click on the remote action bar across the top of the device view.
- Select “New remote assistance session“.
- Choose “Remote Help“, and then click “Continue“.
- Turn Off Copilot in Windows Setting from Intune Settings Catalog
- Turn Off Copilot in Windows using Intune and Group Policy
- Overview of Security Copilot with Microsoft Intune
- Turn Off Copilot in Windows using Intune and Group Policy
- Download Microsoft 365 Copilot Architecture Visio
Copilot in Intune is Now Available in the Intune Admin Center
Copilot in Intune is integrated within the Intune admin center, offering quick access to information and assistance. You can utilize Copilot in Intune for the following tasks.
Read more – Overview of Security Copilot with Microsoft Intune
| Use Copilot in Intune for the following tasks | Description |
|---|---|
| Manage Settings and Policies | |
| Copilot Tooltip on Settings | It helps you provide AI-generated guidance on settings. It includes what each setting does, recommended values, and more. |
| Policy Summarizer | It helps you summarise existing policies, describe what the policy does, and assign users/groups, and settings. |
| Device Details and Troubleshooting | |
| All about a device | It helps you to show the key details about a device, including properties, configuration, and status information. |
| Device Compare | It helps you to compare hardware properties and device configurations of two devices, aiding in troubleshooting. |
| Error Code Analyzer | It helps you to analyze error codes to understand their meanings and potential resolutions. |
| Intune Capabilities for Security | |
| Intune Capabilities in Copilot for Security | It helps you to gain insights on policies, devices, group membership, and more. |
| User’s Devices Summary | It helps you to quickly review important information about a user’s devices, including links to device details in Intune, device ID, enrollment date, last check-in date, and compliance status. |
- Insights of Microsoft Intune Suite Roadmap from Microsoft Secure Event
- New Microsoft Intune Suite for UEM or Endpoint Device Management
Remote Help Availability for GCC Customers
For customers using the Microsoft Intune Suite in US Government GCC environments, Remote Help is available for Windows and enrolled Android Enterprise dedicated devices. This feature offers advanced endpoint management and security capabilities, enabling administrators to provide remote assistance and support to users easily.
Sign in to the Microsoft Intune admin center and go to Tenant administration > Remote Help.
Read more – New Microsoft Intune Suite for UEM or Endpoint Device Management
Introducing New BIOS Configuration and Other Settings Device Configuration Policy for OEMs
This policy allows administrators to enable or disable various BIOS features that enhance device security. To implement this policy, follow the steps below.
- In the Intune device configuration policy, add the BIOS configuration file.
- Deploy a Win32 app containing the BIOS configuration file.
- Assign the policy to your devices.
- By utilizing this new policy, administrators can effectively manage and secure devices by configuring BIOS settings per organizational requirements.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here – HTMD WhatsApp.
Author
About the Author: Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing about Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.