You can now manage Windows drivers and firmware updates with Intune. Microsoft announced the general availability of Windows drivers and firmware update management policies and reports in Microsoft Intune.
There are two key ways in which the new Intune functionality makes it simpler to maintain the most recent drivers on your Windows devices.
- Using generic tools to manually download, repackage, and distribute drivers will no longer be necessary.
- You can benefit from the policies and reports for managing driver updates that are based on the Windows Update for Business deployment service.
Capabilities
As per the announcement by Microsoft, these new capabilities are part of Intune Windows Enterprise offerings, providing you with multiple benefits:
- Intelligent servicing helps identify which driver updates are available for devices in the policy.
- You can rely on trusted quality thanks to prior certification and validation by numerous device manufacturers.
- More granular controls allow you to pause the deployment of a particular driver.
- Optional drivers and firmware are also available to complement the recommended updates.
- Detailed reporting is built into Intune to help you monitor device status, alerts, and recommendations for remediation.
- Windows Autopatch automatically creates driver policies that allow you to roll out drivers and firmware across your deployment rings (unless you opt out of the service), with more granular controls coming later this year.
Let’s explore how you can create and manage driver update policies and reports!
Manage Windows drivers and firmware updates with Intune
Microsoft advises a proper approach to creating and managing driver update policies in Intune. Here’s how you can manage Windows drivers and firmware updates with Intune.
Step 1: Create a driver update profile and deployment rings
Create a new driver policy, defining how you want to approve drivers and make the updates available in X days. You can choose to manually approve and deploy driver updates or automatically approve all the recommended driver updates.
Step 2: Review the available drivers
After you have defined a policy for driver updates, the Drivers to review column will include the count of new recommended driver updates ready to review for manual approval.
Step 3: Manually approve the Windows Drivers
Once the drivers are populated, select the Approve option under Actions in the flyout to manage drivers. You may also specify the date to make the driver available to devices when they scan Windows Update.
Step 4: Pause Windows Drivers
Whether you choose automatic or manual approvals, you can pause any approved driver in Intune. You can do this to prevent any devices that haven’t yet received the update from being offered that update.
Monitor the Drivers and Firmware Updates with Reports
The report you’ll probably use the most is the Windows Driver Update report. The Windows Driver Update report shows if the device has an alert or problem preventing the update.
Like the Windows Feature Update and Windows Expedited Update reports, this report provides a summary of installed, in-progress, and error devices, along with the per-device detailed status. The state of a device is shown as downloading, installing, or other.
You can find this report under Reports > Windows Updates. Select the Reports tab and open the Windows Driver Update Report.
What’s Next?
Microsoft is hoping to deliver the following capabilities in the coming years:
- Seeing all devices for which a driver is applicable
- Knowing the device model that a driver supports
- Bulk editing
- Aligning driver approvals with the patch Tuesday. Note: This would ensure that if a reboot is required, it reboots along with the monthly security update.