Microsoft has announced that it is introducing a new way to push Windows 11 Quality Updates on Intune-managed devices. The company says that the upcoming October Windows update for Windows 11 versions 22H2, 23H2 and 24H2, will be automatically downloaded and installed during the initial Out of Box Experience (OOBE) provisioning and configuration. The company says that such a feature was "one of the top customer requests."
It writes:
With the upcoming October Windows update, all Windows 11, version 22H2 and higher, devices that are enrolled with an MDM, e.g. Microsoft Intune, will automatically download and install quality updates during OOBE. This will apply to all MDM-enrolled devices, regardless of whether they’re pre-registered with Windows Autopilot or not.
The updates will be applied before the user reaches the desktop, ensuring that the device is fully patched before logging in.
For those wondering what Microsoft means by "Quality Updates," these are essentially meant to signify the Patch Tuesday updates that are released every second Tuesday bringing mainly security fixes but also adding new features.
For example, the tech giant released September 2024 Patch Tuesday updates last week under KB5043064, KB5043050, KB5043051, KB5043083 for Windows 10; KB5043076, KB5043067 for Windows 11 22H2 and 21H2; and KB5043080 for Windows 11 24H2; and alongside these, it also released the OOBE update (KB5043939), but for version 24H2 only.
The company also published a Setup update (KB5043353), and a WinRE update (KB5043355) as well, also for version 24H2.
Microsoft has also detailed how the new update process during OOBE will work:
The new experience will look like this:
- After the device connects to the internet and checks for updates, if there are available quality updates found, the device displays a message on the updates page stating that updates are available and being installed.
- The device then downloads and installs the quality updates in the background, while showing installation progress.
- Once the updates are installed, the device restarts and continues to the desktop. The user then signs in to the device and the device completes enrollment.
Due to this upcoming change, Microsoft says that the initial setup will take longer due to the downloading and installation of a Quality Update. As such, it recommends the extension of the validity period of temporary access passes (TAP) when enrolling.
You may find more details about the new change here on the Tech community blog post on Microsoft"s official website.