Forum Discussion

ER2025's avatar
ER2025
Brass Contributor
May 20, 2026

Is monthly BIOS updates via Intune overkill for enterprise Windows 11

Hey all,

Looking for some opinions from others managing BIOS and Drivers on enterprise environments.

We’re considering pushing BIOS/firmware updates monthly across our Windows 11 fleet using Intune, but it feels a bit too aggressive.

  • Is anyone actually doing BIOS updates this frequently?
  • Do you see real risk in not updating BIOS regularly?
  • Or do you treat BIOS updates more as “only when needed” (security issue / vendor recommendation)?
  • Any issues you’ve run into pushing BIOS updates at scale via Intune?

My concern is stability risk vs actual security benefit — feels like monthly might be overkill unless there’s a critical vulnerability.

Keen to hear how others are handling this in production environments.

bios
DELL
intune
window11

2 Replies

  • Lucaraheller's avatar
    Lucaraheller
    MCT
    May 28, 2026

    In my opinion, monthly BIOS updates across the entire fleet is usually too aggressive for most production environments.

    I would normally treat BIOS/firmware updates differently from regular Windows quality updates. For BIOS, I prefer a risk-based approach:

    • Deploy when there is a security vulnerability, stability fix, hardware issue, or vendor recommendation.
    • Test first with a small pilot group.
    • Expand gradually by device model.
    • Avoid pushing BIOS updates broadly without a clear reason.

    There is security value in keeping firmware current, but BIOS updates also carry a higher operational risk than normal OS updates, especially at scale.

    So my approach would not be “update BIOS every month by default.” It would be more like: review monthly, approve only what is relevant, test carefully, then deploy in rings.

    Intune can help manage the process, but I would still be conservative with BIOS/firmware compared to normal Windows updates.

  • mohdadeeb's avatar
    mohdadeeb
    Iron Contributor
    May 20, 2026

    Monthly BIOS updates through Intune can be excessive unless there’s a security advisory, stability issue, or hardware-specific fix involved. In most enterprise environments, quarterly reviews with testing rings usually work better to avoid unnecessary risk and user disruption. We’ve seen many IT teams treat BIOS updates more like firmware lifecycle management rather than regular patching.