2024.07.28
Changed and renamed several CA rules related to mobile devices
2024.06.12
Raised several OS requirements for mobile devices:
- iOS Devices:
- Current Patch Level:
17.4 - New Minimum Patch Level: 17.5
- Current Patch Level:
- Android Devices:
- Current Version:
11 - New Minimum Version: 12
- Current Security Level:
2024.02 – February - New Minimum Security Level: 2024.05 – May
- Current Version:
2024.04.*
Applocker restrictions
Starting April and onwards, applocker policies will be rolling out to all devices. This will limit locations where executables, scripts and installers will be allowed to launch from. This is to further mitigate possible threats. Details about rules will not be made publicly available.
More information about AppLocker: AppLocker – Windows Security | Microsoft Learn
Security groups for exclusions: Prof-IT Baseline Security Groups – Prof-IT Services
WinGet Application Updates
Starting April and onwards, third-party and Microsofts will be updated by WinGet combined with Chocolatey, instead of only with Chocolatey. This will further improve security and reduce possible vulnerabilities.
2024.04.26
Introduced security group “Baseline – Users Mobile App Protection Less Restrictive”. This group allows users to use Microsoft protected applications on mobile devices without storage or copy/paste restrictions.
Users with less restrictions are required to enroll into Intune.
2024.04.05
Device Recommendations Notifications
Recommendations of unmanaged applications and mobile devices will be sent by email every Wednesday to all users of tenants that have Defender for Endpoint notifications enabled.
2024.03.18
Web Access Intune Compliance
Added the option to require Intune compliancy for web access, controlled by security group:
“Baseline – Users Web Require Intune Compliance Excluded”
Security group rename
Renamed group:
“Baseline – Users Require Strong Authentication Excluded”
to:
“Baseline – Users Web Require Strong Authentication Excluded”
2024.03.16
Mobile Devices OS Version Requirements
The minimum OS version for Android and iOS devices has been raised, as multiple high-risk vulnerabilities are available.
iOS: 17.4.
Android: Patch Level February 2024.