I recently moved our Windows 10 machines in an educational environment to Intune Autopatch while deploying ESU keys. Although the machines are showing as licensed with the appropriate MAKs, I'm running into an issue where devices on versions up to 2025-09 are not receiving the 2025-10 quality update. My autopatch configuration has zero deferral days for quality updates, but manually checking for updates still indicates that the devices are up to date, which is not the case. Intune autopatch correctly reports that they're not updated. I've reviewed deployment rings and verified that autopatch is active on those machines, and I've even tried removing autopatch from some devices without any change. It seems like the ESU key might be blocking the updates. Any ideas on why the 2025-10 update isn't being offered?
2 Answers
I think you're spot on with your suspicion regarding the ESU key. It’s designed to provide extended updates, but in certain configurations, it can interfere with regular quality updates. You might want to look into the specific version compatibility with the ESU keys. If you've confirmed that no active GPOs are in conflict, it might be worthwhile to check any known issues posted in Microsoft forums, as these can pop up unexpectedly.
It sounds like the ESU keys might be causing the issue, especially if you've recently switched to Intune Autopatch. Some users have found that the way updates are handled can be a bit tricky when incorporating ESU. Double-check to make sure your Intune autopatch settings are aligned with the requirements for your environment after deploying those keys. Sometimes, there might be a delay or conflict when switching management options. You could try reverting to your prior update strategy temporarily to see if that makes a difference.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures