It was so great to meet many of you in Edinburgh and a thanks to everyone involved, the speakers, sponsors, fellow organizers and attendees, it wouldn’t have been possible without every single one of you.  I’m exhausted, but it was absolutely worth it (but I am looking forward to the summer break)!

It’s a slightly lighter newsletter this week, but still some incredible content.

• Community Content
• Video Content
• Microsoft Content

Community Content

We start this week with the next two parts on the cloud native series from Shehan Perera with part 4 looking at your migration path and steps when moving from an SCCM environment

4. Cloud-Native Endpoints – From Config Manager to Intune

Part 5 looks at how to review your GPOS and migrate them over (where applicable)

5. Cloud-Native Endpoints – Group Policy Analytics

---

Michael Frank continues looking at the parts of Microsoft Intune Suite, this time covering Enterprise Application Management

https://michaelsendpoint.com/intune/intune_suite/enterprise_app_management.html

---

You no longer need custom images for your Windows 365 machines, find out how to use Autopilot Device Prep to build them in this post from Michael Meier

Windows 365 Frontline Shared and Autopilot device preparation

---

If your recovery partition is blocking Win11 updates, grab this script to fix it from Mads Johansen

https://evil365.com/windows%2011/Windows11-Partitioning-From-Hell/

---

Damien Van Robaeys has released a new version of the excellent SelfX tool to make your users a bit more self-sufficient.  This one is even more user friendly too!

https://www.systanddeploy.com/2025/06/selfx-self-fix-tool-allowing-users-to.html

---

On the subject of giving users more (managed) control, Dustin Gullett looks at how to use EPM to allow to elevate apps and installs

Deny, Deny, Deny! A Look at EPM’s Newest Superpower

---

Peter van der Woude also looks at EPM, but from the other side, how to stop an application being elevated at all

Explicitly denying elevation of specified files using Endpoint Privilege Management

---

Next, we have two new tools from Jeff Pollock, the first of which is for monitoring software usage locally on a device

pXLabs Poor Admins Software Metering Package

Jeff’s second tool is built to help you troubleshoot Windows updates

pXLabs Windows Update Tool

---

If you are wondering how to silently execute PowerShell scripts without VBScript, check out this solution from Trevor Jones

QuietShell – Executing PowerShell without a Console Window

---

Video Content

Now for the video content, with a look at Intune Device Query from Sujin Nelladath

---

Microsoft Content

Now for the Microsoft content, starting with an exciting new Security Copilot feature in preview, vulnerability remediation agents.  Learn more here from Julia Idaewor

https://techcommunity.microsoft.com/blog/IntuneCustomerSuccess/microsoft-security-copilot-in-intune—pt-2-vulnerability-remediation-agent-in-l/4424824

---

Windows 365 connections will soon be even more secure by default as covered here by Derek Su

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/enhanced-security-defaults-for-windows-365-cloud-pcs/ba-p/4424914

---

One I am very excited about, Windows 365 Cloud Apps are now in Private preview. Learn about it and how to join the preview in this post from Serena Zheng

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-365-cloud-apps-now-in-private-preview/ba-p/4424913

---

If you want to test security updates early, try the Security Update Validation Program as covered by Christina Ernest

https://techcommunity.microsoft.com/blog/windows-itpro-blog/suvp-provides-key-testing-of-security-updates-prior-to-release/4425333

---

That’s all for this week, have a great weekend!