Microsoft Technical Takeoff: Windows and Microsoft Intune
Oct 24 2022 07:00 AM - Oct 27 2022 12:00 PM (PDT)

The internal MSIX app update mechanism and Enterprise IT needs

MVP

@Matteo Pagani 's  new article Getting full control over MSIX updates with the App Installer APIs - Microsoft Tech Community provides some great information for developers on a new option to modernize their updater using the AppInstaller, including what looks like What @John Vintzel talked about last fall at AppManageEvent.

 

Moving the triggers and definitions for updates inside the package makes sense.  Having apps that can update automatically can make sense in the Consumer market, but often in the Enterprise market there is a need for the IT department to verify and control these updates.  Generally this is due to:

  • Security concerns (the need to validate all software prior to deployment).
  • Possible interactions with other software used by the same user.
  • The potential for loss of productivity due temporarily bad releases.

At the time John indicated that there would be controls available to Enterprise IT to disable these updates and to manage the updates using their management tool of choice (like EMS).

 

For already existing method up MSIX app updates using AppInstaller, Enterprise IT was been able to avoid it by not using the Microsoft Store and not using the .appinstaller xml file in deployments but by using the MSIX file.

 

It looks to me that this new method to internalize the update inside the package means that Enterprises will need this control now.  I would guess that this would be group policy oriented, but Microsoft could also address this at the deployment side (tools like EMS using a modified API during delivery).  Can we get some details on how this is going to work? 

3 Replies

@TIMOTHY MANGAN 

 

@Roy_MacLachlan has the details. The settings should be available through the MDM agent or can be set via PowerShell.

I am working in IT enteprise provider, we are distributing packages to other large customers and enterprises. I totally agree there needs to be mechanism for IT to distribute app updates in a managed way. Customers do not want to receive auto updates randomly, they prefer to do proper pilot test first to make sure their business will be up and running. This is called Change Management.
@John Vintzel would be happy to see more MECM Integrations/Possibilities soon there as it is very limited until today ;)