This is a great. Thanks. This works if replacing an app, e.g replacing Mozilla Firefox v103 with v107. But, for the long haul, creating a supersedence for each update, would not do. Second, when a client Joins AzureAD, the client will get multiple Deployments of Firefox from OOBE, until the latest version is deployed?

Ideally, wouldn't we want the Firefox Win32 app deployed with the Auto-Update setting enabled in Firefox?

I'm in a similar situation. I don't have a Win32App for Firefox, but I deployed a device configuration profile for Firefox to apply the following configurations for both system and user on devices that have Firefox installed:
1. Background Updater - Enabled
2. Application Autoupdate - Enabled
I've tested this on 2 separate profiles, under Admin template and by importing ADMX files, per Mozilla's instructions. Intune says it succeeded but I'm still seeing vulnerabilities on our PCs through our Vulnerability Management tool. Firefox can definitely auto-update like other browsers and I have seen it worked on Apple devices through our other MDM tool with plist configurations.

Have you had any success with configuration that works with updating Firefox while stale or not in use. I have those two settings applied to a workstation of mine and it does not seem to update Firefox.

Does supersedence only work with apps I've deployed with Intune? For example, I want to upgrade older versions of Firefox with the latest version but I didn't deploy those older versions with Intune. Will supersedence still work in this scenario?