Applying the MS17-010 Security Updates Using Microsoft Intune

This article provides the steps to deploy Microsoft Security Bulletin MS17-010 and other updates using Microsoft Intune. For more information on MS17-010 and WannaCrypt please see the blog links in the More Information section below. Note that customers running Windows 10 were not targeted by WannaCrypt. The update steps are just for the full client PC managed by Intune.

Approving updates to Intune-managed PCs

1. Login to the Microsoft Intune classic admin experience at https://admin.manage.microsoft.com
2. Navigate to Updates (you won’t see “updates” if you have no PC’s enrolled by the Intune full PC client.)
   
   
    
   
3. Highlight all updates
   
   
    
4. Search for the updates notated on the MS17-010 Security Bulletin based on your Operating System: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
   For Example for Windows 10 3210720
   
   
    
5. Select All Updates by Highlighted Each
6. Right-Click on the Updates and Select Approve
   
   
    
7. Select All Computers and Click Add
   
   
    
8. Change Approval to "Required Install" and Change the Deadline to "As Soon as Possible"
   
   
    
9. Click Finish

Keep Windows PCs up to date with software updates in Microsoft Intune:https://docs.microsoft.com/en-us/intune/deploy-use/keep-windows-pcs-up-to-date-with-software-updates-in-microsoft-intune

Help secure Windows PCs with Endpoint Protection for Microsoft Intune:https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune

Customer Guidance for WannaCrypt attacks:https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft Security Bulletin MS17-010 – Critical: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx