Microsoft has identified a security baseline policy update issue in Intune where custom settings differing from recommended defaults are lost during upgrades (e.g., 23H2 to 24H2). Admins should manually reapply customizations until a fix is released. Stay updated via Microsoft Learn. Bullet points:
Microsoft Intune Security Baseline Update Issue: What You Need to Know
Microsoft recently uncovered a glitch in the Intune security baseline update process. This affects admins updating from one baseline version to another, like from 23H2 to 24H
What’s New: The Customization Problem
The core issue is that any custom settings differing from Microsoft’s recommended baseline values aren’t saved during updates. This means your tailored security tweaks might disappear unexpectedly.
For organizations relying on precise security configurations, this can cause headaches and potential gaps in protection.
“Customizations made, which differ from the security baseline recommended value, aren’t retained during the update process.” – Intune Support Team
Major Update: Temporary Workaround for Admins
While Microsoft works on a permanent fix, the suggested workaround is manual reapplication of customizations after each baseline update. It’s not ideal but necessary to maintain your security posture.
Admins should refer to the official Microsoft Learn documentation on updating profiles to the latest baseline version for detailed guidance.
Why This Matters
Security baselines are crucial for enforcing consistent and robust endpoint protection. Losing custom settings during updates risks weakening defenses or causing compliance issues.
Therefore, staying vigilant during baseline upgrades and double-checking configurations is essential for IT teams.
“We’re working on a fix to address this issue and will update this blog when we have more information.” – Intune Support Team
What’s Next: Monitoring and Support
Microsoft promises a fix soon but hasn’t provided a timeline yet. Meanwhile, admins can ask questions or report issues via the Intune support team on X (formerly Twitter) at @IntuneSuppTeam.
Following the Microsoft Community Hub blog is also advised to catch updates as they happen.
Final Thoughts
If you manage endpoint security with Intune, this update issue is a reminder to stay proactive. Always verify your custom settings after baseline upgrades to avoid surprises.
Although it’s a temporary annoyance, the Intune team’s transparency and support channels make navigating this smoother. Keep an eye out for the upcoming fix to streamline your security baseline updates.
From the Intune Customer Success articles
Windows Server Devices Now Recognized as a New OS in Intune Microsoft has announced that Windows Server devices are Read more
Microsoft Power Platform is leading the way in AI-generated low-code app development. With the help of AI, users can quickly Read more
Microsoft Intune is an enterprise mobility management platform that helps organizations manage mobile devices, applications, and data. The October edition Read more
Microsoft Intune has released its November edition, featuring new updates to help IT admins better manage their organization’s mobile devices. Read more
