Event details

If you are looking for tips on how to easily manage updates for your Windows devices, don’t miss this Ask Microsoft Anything (AMA) session at Tech Community Live! Get clarity on the “when, why, and h...
Heather_Poulsen
Updated Dec 05, 2025
AMA
Tech Community Live
nlmitchell's avatar
nlmitchell
Iron Contributor
Dec 03, 2025

Morning, we have received notification that applying updates during OOBE is going to be reintroduced in January. For us it aligns nicely with a hardware refresh that will be beginning in January.

Are you able to share any details regarding what has changed since it was first introduced and subsequently removed due to issues?

Also, do the updates apply during pre-provisioning or user OOBE stage? Is it just OS cumulatives or will it support Feature Updates as well?

  • AriaUpdated's avatar
    AriaUpdated
    Icon for Microsoft rankMicrosoft
    Dec 03, 2025

    **Ignore - Jason's response is accurate. :)

     

    Great to hear that you're excited for this improvement! This will apply only to the cumulative Security quality updates (Patch Tuesday updates) and will apply during the user OOBE stage. As noted, this feature will be manageable via Intune Autopilot or other MDMs who choose to integrate with such and will honor update deferrals policies as well. The details in this blog regarding the experience are still accurate: Get ready for Windows quality updates out of the box - Windows IT Pro Blog

  • Jason_Sandys's avatar
    Jason_Sandys
    Icon for Microsoft rankMicrosoft
    Dec 03, 2025

    Nothing has specifically changed other than the feature being opt-in instead of opt-in. Configuration remains exactly the same as previously shared (within the ESP profile). This is for quality updates only, not feature updates -- there is no current information to share on the development or delivery of feature update installation during provisioning.

    As for when the updates are applied, they are applied immediately at the very end of OOBE. They do not occur during the technician phase of pre-provisioning. Pre-provisioned devices will still have the updates applied if the device is opted-in, this just won't happen until the end of OOBE the same as user provisioning.

    • nlmitchell's avatar
      nlmitchell
      Iron Contributor
      Dec 03, 2025

      Thanks for getting back to me Jason_Sandys​ , much appreciated.

      Out of interest, are there any plans to allow updates to apply during the pre-prov stage before the device is resealed.
      We will be working with a supplier that will do the pre-provisioning of the devices before they then get shipped out directly to our end users. Having updates apply during the user provisioning stage will only increase the time it takes for the end user to get to the windows desktop. From a security perspective, it would be much more secure having them apply during pre-prov stage, that way it arrives with the end user up to date.

      I can see a trade off between device security and end user experience on the horizon for us if i'm honest.

      • Jason_Sandys's avatar
        Jason_Sandys
        Icon for Microsoft rankMicrosoft
        Dec 03, 2025

        At this time, no there are no plans to enable update installation directly in the technician phase of pre-provisioning. 

        I don't disagree with your assessment and the possible impact. The current design was ultimately driven by many technical factors.

        For your scenario, as long as the supplier starts with a newly imaged device, it should have the latest cumulative update already installed.