October already, I’ll have to dig out the spooky theme for the newsletters towards the end of the month! A much needed week at home for me before I’m off to the App Manage event next week in Utrecht.
It’s been another busy week and we have a lot of content, including the big release of 25H2.
Community Content
We start this week with the final part of the App Control for business series from Patrick Seltmann. This one completes everything by showing how to keep your policies in check using Azure DevOps
Are you considering Security baselines, or CIS? Check out this comparison from Roman Padrun
https://www.cloudcook.ch/cis-vs-microsoft-security-baselines/
Aresh Sarkari continues looking at Windows 365 apps, this one covers publishing the apps
Ever accidentally deleted a conditional access policy? Entra now has a recycle bin so you can restore via Graph as covered here by Daniel Bradley
Next, we have the second part looking at authentication contexts from Sebastian F. Markdanner, this one running through some real world examples of where and how to use them
https://www.chanceofsecurity.com/post/mastering-microsoft-entra-authentication-contexts-part-2
Protect your network traffic from macOS devices using Global Secure Access in this post from Rahul Jindal
https://rahuljindalmyit.blogspot.com/2025/09/enable-compliant-network-compliance.html
Jan Mulder has updated the Conditional Access compliance report, it now looks beyond Zero Trust and also looks at the Secure Score
Release: Conditional Access to zero trust compliance report V1.0.3
Your Android kiosk devices can now be set to allow apps to work offline without a sign-in, a very useful addition. Learn more in this post from Peter van der Woude
Using offline mode and app access without signing in on Android Enterprise dedicated devices
Macros have always added to the risk of devices and this is still true today, if not more so. Shehan Perera runs through the risks and how to block them here
Use all of the tools available to fully protect your user data in this post from Anders Ahl
Have you deployed VDO Optimizations only to find them blocked by a security policy? Alex Durrant has a solution for you here.
Teams VDI Optimisation Blocked by Security Policies? Here’s the Intune Fix for AVD & Windows 365
Are you looking to get started with managing Android devices with Intune? This comprehensive guide from Nicky De Westelinck is well worth reading
The Android Tales: A Full Comprehensive Guide on Managing Android devices with Microsoft Intune
Win11 25H2 iw now GA and available via Intune update policies as covered here by Joey Verlinden
Settings Catalog is great, but more complex when trying to automate with Graph. Tobias Eriksson looks at how to do so here
Automate creation of Settings Catalog policies in Intune with Microsoft Graph API
Rudy Ooms has being digging around in Intune and found some hidden options for Autopilot Device Preparation, have a sneak peak here
Autopilot Device Preparation and the Return of OOBE Controls
Video Content
Now for the video content, starting with a look at how to configure all available security policies in Intune from Mark Oldham
The next edition of the podcast from Shady Khorshed is here discussing Intune toolkit with Maxime Guillemin
Microsoft Content
Now for the Microsoft content, starting with the news that Wi-Fi 7 is now available for Enterprises. Learn more here from Megha Sharma
A very exciting announcement, you can now create your own security copilot agents, it has instantly become so much more powerful. Here is the official announcement from Dorothy Li
If you’re managing emergency services devices, this post from Catarina Rodrigues is for you
The official Windows 11 25H2 announcement is here from Aria Hanson including some useful tools
The all-important Windows News You Can use from Eric Moe
That’s it for this week, have a great weekend!