Deploy Windows Update Package via Intune

You can deploy windows update as a package via Intune. Go to Microsoft catalog site and search the update you want to install and click Download.

Microsoft catalog :

I am trying to download KB5008215 December update for deploying to Windows 11 machines. The downloaded update will be saved as a *.msu file and then use Microsoft Win32 Content Prep Tool to convert the *.msu file into the .intunewin format.

Download the tool from the below link and the tool will guide you the required parameters step by step in the command line and converts the file into *.intunewin format.

Windows update file is converted and after you use this tool, you will be able to upload and assign the apps in the Microsoft Intune console.

Goto Microsoft Endpoint Manager Admin Center portal and Click Apps -> All Apps -> Add and select App type “Windows app(Win32)”.

On the App information page, select the package file and provide the details of the app and click Next.

On the Program page, provide the Install, Uninstall command and behavior of the installation and click Next.

On the Requirement page, specify the architecture and operating system details and Click Add to configure additional requirement rules and create requirement. For this application, selected registry and provided operating system build number version and click ok.

On the Detection rules page, specify KB detection PowerShell script and click Next.

On the Assignments page, select the devices group and specify assignment type.

      Required: The app is installed on devices in the selected groups.

      Available for enrolled devices: Users install the app from the company portal app or the company portal website

You can set End user notifications, availability and installation deadline and click Next.

On the Review + create page, review the configured settings and click Create to complete the application creation.

Application has been created successfully in Intune console and then review log on the machine to check the installation process.

Logs on the client machine are commonly in  C:\ProgramData\Microsoft\IntuneManagementExtension\Log. Open IntuneManagementExtension log in CMtrace viewer and verify the installation status. The installation completed and received notification for system reboot.

Post system reboot, the update has been installed on the machine.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.