Microsoft Intune’s July 2025 update streamlines Mac admin access with LAPS integration, offers real-time Apple device update tracking via declarative device management, introduces wildcard support for Windows privilege rules, and customizes device cleanup per platform—boosting IT efficiency and security.
What’s New in Microsoft Intune: July 2025 Update
Microsoft Intune’s July 2025 update brings powerful enhancements for Apple and Windows device management. These changes tackle common IT headaches, especially around credential access and update tracking. If you manage macOS or Windows endpoints, this release is a game-changer.
Eliminate Mac Credential Delays with LAPS Integration
Help desk teams often waste hours chasing admin credentials on Macs. Microsoft heard the pain and introduced Local Admin Password Solution (LAPS) integration for macOS automated device enrollment (ADE). Now, Intune can create local admin accounts with strong, randomized passwords that rotate every six months automatically.
This means IT pros retrieve passwords securely from Intune, fix issues quickly, rotate passwords, and return devices—all without compromising security. Plus, standard user accounts can be customized with dynamic variables like {{username}} and {{serialNumber}} to fit your organization’s naming policies.
“Technology isn’t the problem. It’s the time it takes to chase these credentials so I can help my team.”
Real-Time Apple Device Update Visibility via Declarative Device Management
Apple admins now get live progress tracking for software updates thanks to enhanced reporting built on Declarative Device Management (DDM). Devices report update status from download to installation in real time, eliminating guesswork and manual status checks.
This update is timely since Apple will deprecate traditional MDM software updates with OS 26 in 2025. Intune’s DDM policies offer better performance and scalability, making the transition smooth and future-proof.
IT teams managing kiosks or mission-critical devices can now monitor updates during maintenance windows and react instantly if something goes wrong.
Why This Matters
- Faster, more transparent update tracking.
- Improved reliability for frontline devices.
- Seamless shift from legacy MDM to DDM.
Flexible Windows Endpoint Privilege Management with Wildcards
Windows admins often rewrite elevation rules for every new installer version. Intune now supports wildcards in Endpoint Privilege Management (EPM), letting you create one rule that covers multiple app versions.
This reduces admin overhead and keeps security tight. For example, a single wildcard rule can match all updater executables in Program Files, replacing dozens of version-specific entries.
Custom Device Cleanup Rules for Every Platform
Device cleanup just got smarter. Intune now allows per-platform cleanup rules for Windows, iOS/iPadOS, macOS, and Android. This flexibility helps keep device inventories accurate without applying one-size-fits-all policies.
Audit logs also provide visibility into which devices were cleaned up or hidden, helping maintain hygiene and compliance.
“Stories like my friend’s weekend credential hunt are exactly why these capabilities matter—reducing the friction that gets in the way of the work IT teams actually want to do.”
Final Thoughts
July’s Intune update focuses on saving time and boosting security across Apple and Windows devices. Whether you’re tackling Mac admin access delays or simplifying Windows privilege rules, these features streamline IT workflows. Stay ahead by embracing these improvements and keep your device management smooth and secure.
Don’t forget to bookmark the Microsoft Intune Blog and follow @MSIntune on X for the latest updates.
From the Microsoft Intune Blog articles
