Long question, saved it for after the session: Is there any thought of having an option of delaying updates (both security and general updates) and have a pre-production / production granularity via Intune? Example: Microsoft releases an update today for general consumption. Desire is to delay by X days for Collection A of workstations, delay by Y days for Collection B. Once the delay is past, then download and install the update for Collection A. And then have the toast notification built into it for pending reboot (we currently use a script that checks pending reboot > 7, then toast) Purpose is that we are paranoid and do not enjoy "cutting edge patching". We've seen Microsoft release a patch and then pull it completely a few days afterwards. This signals that the patch was faulty or negatively affected users, which reduces our confidence in installing the patch immediately after release. So desire of granular control of patching. When a zero day hits, Microsoft releases KB, we can go to the Intune portal and manually approve and trigger the update and bypassing the delay, and then get a report when KB __________ has been installed on _________ workstations. ___% of workstations have the patch applied. #askingtoomuch