This post will show the new features released in Microsoft Intune Service Release 2207. Microsoft release updates as frequently as every week. Here specifically, you will get an overview of Intune monthly release updates.
Every update contains new features, bug fixes, and, most importantly, new capabilities. It allows you to try out new features and provide the best experience. You can get more information about updates by knowing the Intune service release.
The Service Release number in the Tenant Status blade in your console shows the released update. The new features are publicly available and provide an overview of the current release. This is published once Microsoft starts rolling out the admin UI updates in the console.
Microsoft Endpoint Manager Intune service release 2207 includes two key security and user improvements, including the return of several capabilities in Windows Autopilot and support for enhanced security options for Automated Device Enrollment (ADE).
Intune Service Health messages keep all health messages for the Intune service in one place. The health page is designed to inform you about known issues so you can troubleshoot issues your users may be experiencing and determine when and at what scale, to deploy an update in your organization.
- Intune Service Health Status Message In MEM Admin Center
- Intune Version Numbers -Service Release Numbers with Feature Details
- Intune Security Baselines Policies for Windows 10 or Windows 11 Deployment Guide
Intune Monthly Update Details
The update and some features may roll out over several weeks and might not be available to all customers in the first week. The order and duration vary.
Each monthly update may take up to three days to rollout and will be in the following order –
- Day 1: Asia Pacific (APAC)
- Day 2: Europe, Middle East, Africa (EMEA)
- Day 3: North America
- Day 4+: Intune for Government
Check Microsoft Intune Service Release Version
The following steps help you to check Intune service release version of your tenant –
- Sign in to the Microsoft Endpoint Manager admin center https://endpoint.microsoft.com.
- Navigate to Tenant Administration and select Tenant Status.
- Under the Tenant Details tab, you will see the current service version for your account under “Service Release”. You can see the Intune Service release 2207 indicating the latest released version.
Intune Service Release Version numbers are named based on the YYMM format. For example, Here Service release version is 2207!” It means this version is released in July 2022.
Note – The service release number is a link that opens the What’s new in Intune article on Microsoft docs. Here you can get information about the latest features and updates to the Intune service.
New Features In Microsoft Intune Service Release 2207 – July 2022 Update
Let’s check the new features and improvements added to Intune Service Release 2207, July 2022 Update –
New Search Feature in Preview Devices for Intune Filters
Starting with Intune Service Release 2207, In the Microsoft Endpoint Manager admin center, you can create filters, and then use these filters when assigning apps and policies (Devices > Filters > Create).
When you create a filter, you can select Preview devices to see a list of enrolled devices that match your filter criteria. In Preview devices, you can also search through the list using the device name, OS version, device model, device manufacturer, user principal name of the primary user, and device ID.
New Hardware Details Available for Individual Devices Running on iOS/iPadOS and macOS
Starting with Intune Service Release 2207, Microsoft Intune now collects the Product Name attribute for iOS, iPadOS, and macOS so you can see your exact device model. This information can be used for understanding device replacement or OS version support.
In MEM Admin Center, Select Devices > All devices > select one of your listed devices and open its Hardware details. The following new detail is available in the Hardware pane of individual devices:
- Product name: Shows the product name of the device, such as iPad8,12. Available for iOS/iPadOS and macOS devices.
New iOS/iPadOS and macOS settings available in the Settings Catalog
The Intune Settings Catalog lists all the settings you can configure in a device policy all in one place. There are new settings available in the Settings Catalog (Devices > Configuration profiles > Create profile > Platform iOS/iPadOS or macOS> Settings catalog for profile type).
- Networking > Cellular
- User experience > Notifications
- Printing > Air Print
- App Management > App Lock
- Networking > Domains
- Networking > Network Usage Rules
- System configuration > System extensions:
- Removable System Extensions
- System configuration > System extensions:
- Allow User Overrides
- Allowed System Extension Types
- Allowed System Extensions
- Allowed Team Identifiers
Remote Help Version: 188.8.131.52 Release
The Remote Help application is the client-side app that helps take control of the remote computer managed by Intune and assists the end-users.
Starting with Intune Service Release 2207, With Remote help 184.108.40.206 various fixes were introduced to address the ‘Try again later’ message that appears when not authenticated. The fixes also include an improved auto-update capability.
Detailed blog about the Intune Remote help solution – New Intune Remote Help Solution Available With Intune MEM Admin Center.
Initiate Compliance Checks for your AOSP devices from the Microsoft Intune App
Starting with Intune Service Release 2207, You can initiate a compliance check for your AOSP devices from the Microsoft Intune app.
Navigate to Device details. This feature is available on devices that are enrolled via the Microsoft Intune app as user-associated (Android) AOSP devices.
You can monitor the bootstrap token escrow status for an enrolled Mac in the MEM admin center, Starting with Intune Service Release 2207. A new hardware property in Intune, called Bootstrap token escrowed, reports whether or not a bootstrap token has been escrowed in Intune.
For Android Enterprise devices, you can use a new setting, Common Criteria mode, to enable an elevated set of security standards typically used by only highly sensitive organizations, such as government establishments.
The new setting, Common Criteria mode, is found in the System security category when you configure a Device restrictions template for the Android Enterprise – Fully Managed, Dedicated, and Corporate-Owned Work Profile.
Devices that receive a policy with Common Criteria mode set to Require, elevated security components that include but are not limited to:
- AES-GCM encryption of Bluetooth Long Term Keys
- Wi-Fi configuration stores
- Blocks bootloader download mode, the manual method for software updates
- Mandates additional key zeroization on key deletion
- Prevents non-authenticated Bluetooth connections
- Requires that FOTA updates have 2048-bit RSA-PSS signature
Return of key functionality for Windows Autopilot sign-in and Deployment Experience
Starting with Intune service release 2207, MEM admins will be able to:
- Pre-populate the Azure Active Directory (Azure AD) User Principal Name (UPN) under the pre-provisioning landing page and Azure AD sign-in page. Note: This is limited based on the manufacturer. Please contact your OEM to confirm if this functionality is enabled.
- Automatically re-enroll a device through Autopilot for instances where the profile is set to self-deployment or pre-provisioning modes (public preview) without deleting the device record.
Note: This is limited based on the manufacturer. Please contact your OEM to confirm if this functionality is enabled.
- Automatically re-enroll devices where hardware components may have been replaced with Autopilot auto-remediation if the OS has not been reset.