Event banner
Event details
66 Comments
- The app update list is that for all applications or just for those in your system
- Per the video, just the ones that Microsoft validates and adds to the catalog.
- Heather_Poulsen
Community Manager
Thanks for joining us! We’ll continue to answer questions here in the chat for the rest of the half hour and we’ll check back through the end of the week. If you missed the live broadcast, don’t worry – you can watch it on demand.
And, if you’ll be in San Francisco for RSA 2023 later this month, join us at the Secure and Connected Endpoints Breakfast.
- Will this integrate with the CVE listings we see in the Security center? Like, if you already know that Zoom has an OpenSSL CVE, and that 12 of my machines have it installed, where is the button to say, "Force Winget Upgrade that package on exposed devices."? Finally, will this conflict with winget installed apps? Winget often has issues with software installed any way besides winget. If I've been using Winget to install software on my fleet of machines, can this new tool be used to force upgrades to those installed apps?
- Hey Danny, just wanted to say I appreciate your enthusiasm and understanding of the core problem. It's refreshing to see. I spend a lot of time working on application patching and do enjoy the work, but it is a lot. Is there a way I can contribute my knowledge to you and your team or to the community to help achieve the goals?
- Are app update notifications only for apps deployed from the Advanced Application Management Catalog? Not manually packaged Win32 apps?
JaminAlmondMicrosoft
Only apps deployed from Advanced Application Management.JaminAlmond Shoot. Just to be clear, that means existing deployed apps can't be patched using this? If so, that's a huge bummer. The migration path would be ugly.
- Will this solution support Co-management?
- Shravana_MukherjeeYes, advanced app management should work for co-managed devices.
- Excellent. Can't wait to try this out. Thanks Danny and team for developing this.
- What license is required for Advanced app management (Intune Plan 1, Intune Plan 2 and/or the Intune Suite)?
- JaminAlmondAdvanced App Management will be included in Microsoft Intune Suite.
- Any plans for automation and deployment rings? From what I'm hearing, this is semi-automated but not fully there.
- KevinMineweaser_MSFTThank you for your question. In the future there will be automation capabilities with graph integration.
Someone at Microsoft has forgotten why do-whatever-they-want EXE and MSI installers were not allowed in the Store. The store WAS more than just a list of installable apps. By requiring legacy apps to be APPX packaged, or better, MSIX packaged UWP apps, it got us closer to the security and privacy model that Android, Chrome OS and iOS have.
I am thankful I may no longer have to re-package as many applications. However, as long software vendors are allowed to do whatever they want, they have no incentive to change. Without Microsoft putting their foot down, we are forced to not only take on the added risks associated with these poor software practices and designs, but also attempt to apply safeguards around them, then clean up any messes after a compromise.
#ShouldBeUWP #ShouldBeMSIX
- For the CVE details: did you test against MDE? Did it detect the same apps + CVEs? Or in best case is Intune using the same Graph data as MDE
- CVE info would be most excellent. Prioritization of apps to update by CVE score is quite important to us.
