Microsoft Intune 2312 December Update New Features

In this post, You will get details of the Microsoft Intune 2312 December Update new features. Intune Service Release 2312 added more capabilities to extend the support for Win32 App management, Device configuration and security.

With the Intune 2312 December update, two settings to the Microsoft Defender Antivirus profile for endpoint security Antivirus policy added, Intune released a new version of the Intune security baseline for Microsoft Edge, macOS unmanaged package moved in GA, and enhancement for Win32 App size limit extended to 30 GB.

Each update brings enhancements and new capabilities, empowering you to experiment with functionalities and deliver the best user experience. Familiarizing yourself with the Intune service release new features can provide you with additional insights into updates and their benefits.

Microsoft regularly releases updates, sometimes even every week, to improve the security and efficiency of device management. The addition of new features will drive productivity and allow the management of more complex scenarios for users and admins.

Patch My PC

How do you Check Intune Service Status?

The steps guide you to check the status of Microsoft Intune. Here you can check the Intune service release version for your tenant.

Navigate to the “Tenant Details” tab to view your current service version, which will be displayed under “Service Release”. The latest released version is Intune Service Release 2312.

Note Intune Service Release Version numbers are named based on the YYMM format. Here you can see Intune service release 2312. It means this version is released in December 2023.

Microsoft Intune 2312 December Update New Features Fig.1
Microsoft Intune 2312 December Update New Features Fig.1

You can also read, Past releases in the What’s New to get more information about what new features Intune service updates were released. Intune provides several ways to stay current with the latest updates:

Adaptiva
Service ReleaseWhat’s New in Intune (Past Release)
Intune Service Release 2311Intune 2311 November Update New Features Improvements
Intune Service Release 2310New Features In Microsoft Intune 2310 October Update
Table 1 – Microsoft Intune 2312 December Update New Features

Microsoft Intune 2312 December Update New Features, Improvements

The Intune 2312 service releases December update, and some features may roll out over several weeks and might be available to all customers this week. The order and duration vary. Each monthly update may take up to three days to roll out and will be in the following order.

  • Day 1: Asia Pacific (APAC)
  • Day 2: Europe, Middle East, Africa (EMEA)
  • Day 3: North America
  • Day 4+: Intune for Government

To get the latest information on device management technologies, Watch out for HTMD Daily Coverage.

Support to Add unmanaged PKG-type Applications for macOS devices is now Generally Available

You can now upload and deploy unmanaged PKG-type applications to managed macOS devices using the Intune MDM agent for macOS devices. This feature enables you to deploy custom PKG installers, such as unsigned apps and component packages.

You can add a PKG app in the Intune admin center by selecting Apps > macOS > Add > macOS app (PKG) for app type. For more information, see Add an unmanaged macOS PKG app to Microsoft Intune.

Microsoft Intune 2312 December Update New Features Fig.2
Microsoft Intune 2312 December Update New Features Fig.2

Windows MAM Supported in Government Cloud Environments and in 21 Vianet in China

Customer tenants in US Government Community (GCC), US Government Community (GCC) High, and Department of Defense (DoD) environments are now able to use Windows MAM.

Updated Security Baseline for Microsoft Edge

The Microsoft Intune 2312 released a new version of the Intune security baseline for Microsoft Edge, version 117. The Microsoft Edge baseline can help you rapidly deploy configurations to Edge that meet the security recommendations of Microsoft security teams.

As with all baselines, the default baseline represents the recommended configurations. You can modify the default baseline to meet the requirements of your organization.

Microsoft Intune 2312 December Update New Features Fig.3
Microsoft Intune 2312 December Update New Features Fig.3

Support for Variables in noncompliant Email Notifications

Use variables to personalize email notifications that are sent when a user’s device becomes noncompliant. The variables included in the template, such as {{username}} and {{devicename}}, are replaced by the actual username or device name in the email that users receive. Variables are supported with all platforms.

Updated report visualization for Microsoft Defender for Endpoint connector

Intune 2312 release updated the reporting visualization for the Microsoft Defender for Endpoint connector. This report visualization displays the count of devices that have onboarded to Defender for Endpoint based on status from the Defender CSP, and visually aligns to other recent report views that use a bar to represent the percentage of devices with different status values.

New settings for scheduling Antivirus scans added to Antivirus policy for Windows devices

Intune 2312 December Update added two settings to the Microsoft Defender Antivirus profile for endpoint security Antivirus policy that applies to Windows 10 and Windows 11 devices. These two settings work together to first enable support for a random start time of a device’s antivirus scan, and to then define a range of time during which the randomized scan start can begin.

These settings are supported with devices managed by Intune and devices managed through the Defender for Endpoint security settings management scenario.

  • RandomizeScheduleTaskTimes – This setting enables randomization of the scan start time on devices.
  • SchedulerRandomizationTime – This setting this setting, you can set boundaries for the random start time.
Microsoft Intune 2312 December Update New Features Fig.4
Microsoft Intune 2312 December Update New Features Fig.4

Microsoft Tunnel Support for Direct Proxy Exclusion list in VPN profiles for Android Enterprise

Intune now supports configuration of a Proxy exclusion list when you configure a VPN profile for Microsoft Tunnel for Android devices. With an exclusion list, you can exclude specific domains from your proxy setup without requiring the use of a Proxy Auto-Configuration (PAC) file. The proxy exclusion list is available with both Microsoft Tunnel and Microsoft Tunnel for MAM

The proxy exclusion list is supported in environments that use a single proxy. The exclusion list isn’t suitable or supported when you use multiple proxy servers, for which you should continue to use a .PAC file.

Microsoft Tunnel Server Health Metric to Report on TLS Certificate Revocation

Intune 2312 December Update added a new health metric for Microsoft Tunnel named TLS certificate revocation. This new health metric reports on the status of the Tunnel Servers TLS certificate by accessing the Online Certificate Status Protocol (OCSP) or CRL address as defined in the TLS certificate.

You can view the status of this new check with all the health checks in the Microsoft Intune admin center by navigating to Tenant administration > Microsoft Tunnel Gateway > Health status, selecting a server, and then selecting that servers Health check tab.

Microsoft Intune 2312 December Update New Features Fig.5
Microsoft Intune 2312 December Update New Features Fig.5

This metric runs as part of the existing Tunnel Health checks, and supports the following status:

  • Healthy: The TLs certificate is not revoked
  • Warning: Unable to check if the TLS certificate is revoked
  • Unhealthy: The TLS certificate is revoked, and should be updated

Configure offline caching in Microsoft 365 (Office) for Android devices

You can enable or disable offline caching when Save As to Local Storage is blocked by the app protection policy, you can use a configuration key in an app configuration policy to enable or disable offline caching. This setting is only applicable to the Microsoft 365 (Office) app on Android.

KeyValue
com.microsoft.intune.mam.IntuneMAMOnly.AllowOfflineCachingWhenSaveAsBlockedfalse (default) disables offline caching when Save As to local storage is blocked
true enables offline caching when Save As to local storage is blocked
Table 2 – Microsoft Intune 2312 December Update New Features

Win32 App Grace Period Settings on Device

Starting with Intune 2312 December Update, On a device where a Win32 app with grace period settings has been deployed, low-rights users with non-administrative privileges can now interact with the grace period UX. Admins on the device will continue to be able to interact with the grace period UX on the device.

Let’s check how to Enable Device Restart Grace Period for Win32 App. This configuration will ensure that the device will restart after the Win32 app installation.

Microsoft Intune 2312 December Update New Features Fig.6
Microsoft Intune 2312 December Update New Features Fig.6

Intune Win32 App Size Limit Increased to 30 GB

The Windows Application Size limit has increased to 30 GB per app. You can use Win32 app management to deploy the application size up to 30 GB.

Microsoft Intune 2312 December Update New Features Fig.7
Microsoft Intune 2312 December Update New Features Fig.7

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.

Author

About Author – JiteshMicrosoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.