I'm really struggling to find a way to update Microsoft Store apps like Photos through a script. I've had it with these random OpenSSL packages in various Microsoft apps. I've attempted several methods, including using Winget, CIMInstance, unregistering and registering apps, but I've hit a wall. If anyone has successfully done this, can you share how you managed it?
3 Answers
If your Microsoft Store apps are assigned via Intune, they should automatically update the next time the device checks in after an update is pushed. Can you give me more details about your setup?
Have you tried using Winget? It might work for you.
We usually don’t see apps like MS Photos show up in Winget for us.
Are you asking about specific vulnerabilities like CVE-2024-13176? I just ignore stuff rated 4.0 and below since there's usually nothing we can do about them. Microsoft will update the DLLs on their own schedule, and then the store will pull the new versions when available.
Yes, that's one of the vulnerabilities, but there are more concerning ones rated 8 and above that I'd like to address. I'm okay with accepting the CVSS 4 vulnerability, but I'm very aware that we're all tied against Microsoft's update schedule.
We aren’t using Intune. We’re in the public sector and can’t afford it. We've set up a group policy to block user access to the store but still have automatic updates turned on. Microsoft claims updates will come through as long as the store isn’t turned off, but we're not seeing that happen. If the store is enabled, it finds updates when checked manually, but it never updates on its own unless someone checks.