Driver Updates via Intune: Step by step

As we already know via Intune, we will deploy Windows updates but Driver updates are very critical as well, in normal scenarios, we generally don’t think about driver updates regularly. The good news is driver updates via Intune are possible now. In this article, I will show you how we can manage window driver updates step by step. You can apply this to both Windows 10 and Windows 11 systems. If you want to know how to configure Windows Update for Business, read this article

Let’s understand the benefits of Windows Driver updates using Intune

As per the announcement by Microsoft, these new features are part of the Intune Windows Enterprise licenses. The following are the benefits of using Intune to deploy Windows driver updates:

• Microsoft service will identify which drivers are available as per the device policy configured.
• Option to choose driver deployment automatic or manual approve or reject
• You will get all verified and digitally signed drivers from approved vendors only
• Intune offers more control as pauses deployment and revokes installed drivers.
• Recommended updates, optional drivers and firmware are also available.
• Microsoft reporting is super that will give you detailed information for your further plan.

Prerequisites

To use Windows Driver Update Management in Intune, we need to first ensure that all prerequisites are met. To manage Windows driver updates for your Windows devices, you must have the following licenses, subscriptions, and necessary network configurations.

The following subscriptions are required for Windows driver update management with Intune.

• Microsoft Intune Plan 1 subscription.
• Azure AD Free (or greater) subscription.

Apart from Intune & Azure licenses device level license is also required:

• Windows 10/11 Enterprise E3 or E5
• Windows 10/11 Education A3 or A5
• Windows Virtual Desktop Access E3 or E5
• Microsoft 365 Business Premium

Following Windows Editions is mandatory

• Pro
• Enterprise
• Education
• Pro for Workstations

Now let’s see Windows Device Requirements correlation with licenses:

• It will work only on Windows 10 and Windows 11 running a version in which Microsoft support is available.
• Your device should be enrolled in Azure AD. Learn how to enroll Windows 11 devices in Intune.

Configuration and deployment

Multiple steps involved in this we will understand one by one.

Step 1: Device update policy creation

• Sign in to the Microsoft Intune admin center.
• Go to Devices > Windows
• Select the Driver updates for Windows 10 and later.
• Select Create a New Profile

• Add name and description as you need

• Click Next.

• On the Settings tab, this is where you need to decide how your organization wants to implement these Driver updates:
  • Manually approve and deploy driver updates: Someone from the Admin group needs to check periodically and approve the driver for deployment
  • Automatically approve all recommended driver updates: This will approve all recommended drivers without the admin’s concern.

 

• For now, I have selected the option “Manually approve and deploy driver updates“. But if you select Auto approval need to select the days of deferrals, which means when the update is released from the vendor how many days you would like to implement in your organization.

• Select the appropriate tag or leave it to default and click Next.
• Now select the assignment whom you would like to deploy, you can choose a specific device group or you can select all, your choices.

• Click on Review and Create.

Step 2: Review Available Driver Updates in Intune

After policy creation, It will take some time to sync, meanwhile, you can click on the sync button and hit manual syn.

Those who choose to Manually approve the driver will get the below option to review the driver

Step 3: Approve Windows Drivers in Intune

When you open the policy, you will have both “Recommended Drivers” and “Other Drivers“. Now needs to review and approve:

• Select one of the drivers from the Driver name column.

• Once you click on that in Blade you will get the option to make available dates and approve or reject

 

Step 4: Optionally Pause driver updates

You can pause approved drivers if you find any issues or concerns. To do so follow the steps:

• Select the  Driver Update Policy and choose the driver from the Driver name column.
• Click on  Manage Driver and choose Pause in the additional details section.

I know it’s a long document but worth it. Go step by step and then let me know if you have any questions.

Check out more about Intune & I have a specific section for Windows troubleshooting  I hope you will like to explore.

Always check the Microsoft Learn website for new study programmes.