Microsoft Ignite 2024 was once again back in Chicago, where it all started in 2015. I remeber having such FOMO not being able to go there, since one of my favourite bands at the time (the Chigaco band Fall Out Boy) played at Ignite.
But it was great being back at a large event, and Microsoft does a good job running big events. This was still a “small” Ignite with about 10 000 participants, but that is still A LOT of people. I went there with my colleagues from Advania, which was a lot of fun!
The red tread through Ignite 2024 was of course Copilot, “the UI of AI”. So it was Copilot everything, and you can really tell that this is the big bet going forward. So if you haven’t paied attention to Copilot yet, now is the time to start.
But since that Copilot is the big thing, I decided to actually put Copilot into good use and help me find all the important updates around Windows, Windows 365 and Intune for this blog post. This is the prompt I used to create my draft, it did however miss a few important points so consider using this prompt for drafts.
Can you help me gather all news around Windows, Windows 365 and Microsoft Intune from Microsoft Ignite 2024. I want to devided into each topic, with the topic stated as the H1 heading, and then each news per area as H2 headings.
for each news, write a short descriptive text.
make sure to only reference Microsoft sources
Microsoft gathers all news from Ignite in the Book of News which was released on the first day of Microsoft Ignite. If you want to check out the full list, you can find the Book of News 2024 here.
It was also great meeting all the community people which I haven’t seen in a while, both MVPs and Microsoft people.
Windows
Windows Resiliency Initiative
Microsoft introduced the Windows Resiliency Initiative to enhance the reliability and security of Windows. This initiative aims to allow more applications to run without requiring admin privileges, implement stronger controls for apps and drivers, and improve identity protection. These measures are designed to make Windows more robust and secure for all users[1].
Windows Hotpatching
Windows 11 Enterprise, version 24H2, introduces hotpatch updates that apply security patches immediately without requiring a restart, reducing disruptions. Devices receive a standard monthly security update and restart in the first month of each quarter, followed by hotpatch updates in the next two months. Managed via Intune and Windows Autopatch, hotpatching can auto-detect eligible devices and streamline update deployment. The public preview invites user feedback to improve the service before general availability, with more information to be shared as the rollout continues.
Read more here: Hotpatch for client comes to Windows 11 Enterprise
Quick Machine Recovery
This new feature allows IT administrators to remotely execute targeted fixes from Windows Update on PCs that are unable to boot. This capability is particularly useful for quickly resolving issues without needing physical access to the affected machines, thereby reducing downtime and improving efficiency[1].
Collaboration with Endpoint Security Partners
Microsoft is working closely with endpoint security partners to improve security and reliability. This collaboration includes new requirements for partners, such as controlled gradual rollouts and enhanced incident response processes. These efforts aim to ensure that security updates and patches are deployed smoothly and effectively[1].
Windows Hello Authentication
Windows Hello has been extended to support passkeys, offering a simpler and safer way to sign in. This enhancement aims to improve user convenience while maintaining high security standards[1].
Administrator Protection
This new feature allows employees to make system changes using temporary admin tokens. By granting temporary admin privileges, this feature enhances security by reducing the risk of unauthorized changes while still allowing necessary modifications[1].
Read more about Administrator Protection here: Administrator protection on Windows 11
Windows 365
Windows 365 Link
The Windows 365 Link is a new class of devices built to connect securely to Windows 365 in seconds. These devices are designed to provide a seamless and secure connection to the cloud, enabling users to access their Windows environment from anywhere[1].
You can read more about the Windows 365 Link here: Windows 365 Link—the first Cloud PC device for Windows 365
Windows 365 Frontline shared mode
Windows 365 Frontline now supports shared mode for brief, ad-hoc tasks. This feature allows multiple users to share a single device for short-term tasks, improving flexibility and resource utilization[2].
Want to read more? Check this official Microsoft blog post: Windows 365 Frontline shared mode now in public preview – Windows IT Pro Blog
Windows in Mixed Reality
Windows 11 capabilities are now available on mixed reality headsets like Meta Quest 3. This integration brings the power of Windows to the mixed reality space, enabling new immersive experiences and applications[2].
Mobile Application Management (MAM)
Enhanced device redirection and security features are now available on unmanaged devices. These improvements provide better control and security for mobile applications, even on devices that are not fully managed by IT[2].
Microsoft Intune
AI and Analytics
Intune Enhanced device hardware inventory
Intune now offers enhanced device hardware inventory, allowing administrators to query multiple devices and take remote actions based on the query results. This feature provides deeper insights and more control over the device fleet[3].
You can read more here: Enhanced hardware inventory in Intune coming in December
Security Copilot in Intune
Security Copilot brings AI-powered endpoint security to Intune, offering real-time threat detection and response. This integration enhances the security posture of managed devices by leveraging advanced AI capabilities[3].
Device Management
Cross-Platform Device Inventory
Intune’s device inventory capabilities are expanding to include iOS, Android, and macOS devices by early 2025. This expansion allows for comprehensive management of a diverse range of devices from a single platform[3].
Enhanced macOS Management
New options for certificate storage in the user keychain have been introduced for macOS devices. These enhancements improve the security and manageability of macOS devices within the Intune environment[3].
Specialty Devices
App Protection Policies for Apple Vision Pro
Intune now supports configuring app protection policies and Conditional Access for Apple Vision Pro. This support ensures that these advanced devices can be securely managed and used within enterprise environments[3].
EPM Support for ARM64
Elevation requests from ARM64-based Windows devices are now supported in Intune. This feature allows for better management and security of ARM64 devices, which are becoming increasingly popular[3].
References
[1] Microsoft Ignite 2024: Embracing the future of Windows at work