HOWTO: Deploy PrintNightmare fix with Intune and Windows Update for Business

I have had several customers the last week asking how to fix the PrintNightmare and patch it when using Intune and Windows Update for Business. So this is just a short and quick HOWTO on using expedite updates feature in Intune.

First create a group with all Windows 10 devices

Go to Microsoft Endpoint Manager portal: https://endpoint.microsoft.com and go to Groups.

Type in a name for the group.

I used All Windows 10 devices.

Select “Dynamic Device” in Membership type

Click “Add dynamic query”

Click on “Edit”

Put in the folllowing query and cllick OK:
(device.deviceOSType -eq "Windows") and (device.deviceOSVersion -startsWith "10.0")

Click save:

Create Expedite Update in Intune

Go to Microsoft Endpoint Manager portal https://endpoint.microsoft.com and go Devices, Windows 10 Quality Updates and Click Create profile.

Give it an appropriate name.

Make sure 07/06/2021 – 2021.07 OOB Security Updates for Windows 10 is selected.

Select the amount of days the end user can choose when they want to restart. When this period is done, the device will force a restart.

Click Next.

Assign the group we created earlier byt click “Add groups” and search for the group.

I use “All Windows 10 devices”.

Click Next.

Click Create.

Monitoring the update rollout

There is a little built in monitoring for Expedites updates in Intune.

It can be viewed in the Reports Pane.

Go to https://endpoint.microsoft.com, Reports and click Windows Updates.

The above is just a screenshot from a demo environment and I can see I a lot of troubleshooting to do with that amount of errors.

For a more detailed view, click on Reports in the top and select “Windows Expedited Update Report”

Here you need to select with expedited update you want a report for and then click Generate.

Below we can see computer names and

Maybe in a later block post I will dive deeper into troubleshooting errors, but for now that is it.

/@larsstaal

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s