Windows Office Hours: May 2026 - Microsoft Tech Community

Event details

Get answers to your questions about adopting Windows 11 and managing Windows devices across your organization. Find out how to proactively implement and monitor Zero Trust practices. Get tips on keep...

Heather_Poulsen

Updated Dec 18, 2025

Windows-Office-Hours-May-21-2026.ics44 KB

Office Hours

mjsrc

Copper Contributor

May 21, 2026

The Security Baselines Blog has recently released Microsoft recommendations for Microsoft 365 Apps, Windows 11 25H2, and Microsoft Edge. In looking through these recommendations, we've found that there are a number of recommended settings that aren't available in Intune for device configurations and for Microsoft 365 Apps configurations. Along with that, some baselines in the Security Baselines menu under the Endpoint Security section for Intune haven't been updated recently. Specifically, the Microsoft 365 Apps baseline hasn't been updated since 2023. What is the Intune teams plan to address these gaps in providing timely alignment within Intune for Microsoft's recommended baseline policies both in providing updated settings in the settings catalogue and providing timely updates to the Security Baselines in Endpoint Security?

Joe_Lurie

Microsoft

May 21, 2026

mjsrc

Thanks for the question, I appreciate the detail you provided. You're right that there's been a gap between the Security Compliance Toolkit baseline releases and what's available natively in Intune's Endpoint Security baselines. The Security Compliance Toolkit team released the M365 Apps v2512 baseline in December 2025 and work is underway to bring the Intune-native baselines in-line with that update. In the meantime, the Settings Catalog in Intune is updated way more frequently than the baselines and often has the individual settings you need. I'd recommend using them both: supplementing your baseline with Settings Catalog policies to cover any critical gaps.

You can also import the latest baseline GPO templates to make cross-referencing easier. Check out the baseline management guidance here: https://learn.microsoft.com/en-us/intune/device-security/security-baselines/configure-baselines.

mjsrc
Copper Contributor
May 21, 2026
Joe_Lurie, the latest recommended settings for the M365 apps are not available in the Settings catalogue either and instead my team has needed to use the M365 Apps Admin Center Portal to apply the recommended settings. This is not ideal as it breaks the "single pane of glass" aspect of Intune along with the M365 Apps Admin Center not containing the proper reporting to validate policy application to instances of M365 Apps.

It would be nice to know when the Intune team is planning to align both the settings catalogue and the Security Baselines with the recommended settings created by the Security Compliance Toolkit team.
Thank you