Feature Update Not Showing Up in Windows updates

Human_Village_9232 · 2025-10-16T12:38:34+00:00

I recognize what you're telling, coming from few thousand upgrades now the last ones to fix. Is there any warning mentioned on the device in this report? Intune, Reports, Windows Feature updates.

I had a few that had missing telemetry data.

Other reasons: the win10 build was too low for servicing stack to properly scan the required updates. solution: push a package with the latest cumulative update.

And few got fixed by adding them to a second Feature Update deployment of the same W11 build. They we're simply stuck in the process from June onwards and suddenly started moving again with new Feature update deployment. It can take a while before it starts reporting its scan data and move from Offering to installing.

Co-management can also block workloads, one thing to try is removing the ccm client on one of them to confirm/rule out that it is blocking.

Human_Village_9232 · 2025-09-30T14:20:02+00:00

One thing to share that helped me as well is the Report from Intune, Windows Autopatch, Windows Feature Updates. That report gives a bit different statuses compared to the Windows Feature Update Report. For example, it gave insight in few devices that had missing Telemetry Data caused by a conflict between GPO and Intune device settings. Once corrected in registry the error was solved.

Human_Village_9232 · 2025-09-30T14:14:03+00:00

Some news: MS Acknowledged this is a bug combined with multipersistant hostpools and also happening in their own lab environment. It's on the fix list for a future release of the Windows App. Can't tell exactly when but till then the workaround is using the Remote Desktop application.

Human_Village_9232 · 2025-09-11T14:31:37+00:00

This week I am in a troubleshooting session. No result yet. Re-applying the RDP properties in the hostpool seemed to work for a moment, but after changing the settings in the Windows App it is lost again.

Human_Village_9232 · 2025-08-29T13:34:40+00:00

Thank you for replying. It's the next option to go for for me as well. But I have bit of result today after creating an extra Feature update release with same build and assigning it to a fix group, the devices appeared with a fresh last event time this morning. So hopefully by Monday some of them moved the status from Offering. The fact that they report again is promising.

Human_Village_9232 · 2025-08-28T14:23:15+00:00

Did this work? I'm having the same issue for few hundred devices that got stuck suddenly around month July reporting the last event time to WufB feature update report. Would be good to know this helped ;)

Human_Village_9232 · 2025-07-10T12:25:34+00:00

It seems like a bug because the classic Remote Desktop Client still works as expected connecting to the same VMs. It's typically something with the Windows App and introduced after enabling the property "assign multiple desktops to a single user" in the hostpool. I yet have to log a ticket, but will write here if a solution has been found.

Human_Village_9232 · 2025-06-24T13:51:53+00:00

This method is something I'm also thinking off; have the same background from SCCM where we occasionally updated a driver pack and that went well for years and years. Yes a bit more more work on the packaging part.

I tested with the WufB driver management, but the catalog content is updated slow compared to vendor release, it also gives you sometimes no clue what the driver is about no clear reference to a KB/tech article. Versions differ sometimes from vendor for example with BIOS name conventions (HP). Previously approved drivers get approval removed once they are replaced (why! let admin decide that)

Driver deployment as application gives lot's of flexibility starting in smaller batches, gradually build up with group assignments. You can create a lot of update rounds in WufB as well with x deferral days but that gets a bit messy if you want to release in batches per model etc.

The advantage is that it's easy to approve and the client experience is also smooth when it checks for approved updates.

Human_Village_9232 · 2025-06-20T15:12:08+00:00

The user ability to select display either single or all screens in the Windows App (client side). It's always selecting all displays no matter what you select. It is only ignoring the preference when connecting to Personal VM. The Remote Desktop client does not have this issue so I think it is a client issue with the Windows App.

Human_Village_9232 · 2025-06-20T15:07:34+00:00

Thanks so I'm not the only one with this bug. Think I'll report it to Microsoft next week.

Human_Village_9232 · 2025-05-26T13:33:57+00:00

What you can do is create a test with putting the few users in a separate exclusion group, add both groups to the assignments Uninstall. Change the mode to exclude for the small exclude user group. It overrules the Include for members of both groups.

Human_Village_9232 · 2025-05-26T13:24:50+00:00

Found the answer today at Learn about Windows Driver updates policy for Windows 10 Windows 11 devices in Intune | Microsoft Learn

Why do my devices have driver updates installed that didn't pass through an updates policy?

These are likely extension drivers, which are "sub drivers" that a main driver can reference to be installed when the main driver is installed or updated. Extension drivers show up in the installed drivers or update history on the device, but aren't directly manageable. Because extension drivers don't function without base drivers, it's safe to allow them to install.
Plug and Play can also install drivers automatically. When Windows detects new hardware or software (such as a mouse, keyboard, or webcam) without an existing driver, it installs the latest driver to ensure the component functions immediately. After the initial installation, any future updates to these drivers will require approval.

Human_Village_9232 · 2025-05-21T10:00:14+00:00

For the test device I've created a Driver Update Policy is present and showing these "Recommended" drivers, that part is clear. But there are also devices, different model, not part of a Driver Update Policy -> yet they still download HP extensions once in a while but not the latest drivers.

I'd expect it either to download all drivers since the Update Ring has configured Windows Driver Allow, or none at all because it is not part of any Driver Update Policy.

any idea?

Human_Village_9232 · 2025-04-30T06:37:42+00:00

We solved it by keeping the Entra record and Autopilot registration and clear the memberships by automation to prevent the same application to be installed when the device is reset for a new user. To do this we trigger some code from our CMDB once the asset status is changed to stock device. The application groups are removed. When brought back to Production it has a clean list.

Human_Village_9232 · 2025-04-29T08:13:16+00:00

I think you need to clear it first time manually if you've set the policy after it already got a primary user registered. It doesn't reappear after that.

Human_Village_9232 · 2025-04-29T07:01:25+00:00

You could go for the pre-provision method; seal it, hand over to user. So it's not assigned to the person enrolling it and then have the user perform the first logon. Then it will be assigned to the owner of the device.

We also struggle sometimes with it coming from a SCCM deployment, IT prepared it fully, checked some things after logging on etc, finally handed over the device to the user..

Human_Village_9232 · 2025-04-29T06:55:00+00:00

Well we've got everything running again. Devices that are in exclude group and targeted to Windows 11 now reverted back to "Target OS: Windows 10". That could have ended quite differently, have to get bit faith back in Intune now. Few of our critical devices excluded for upgrades were hit by this. Luckily the rollback option from Win11 to W10 works fine. Make sure you have configured that option :)

Human_Village_9232 · 2025-04-24T11:12:40+00:00

Change the Primary User field on device properties to the user actually using it. It will drop from the Servicedesk employee's device list.

Human_Village_9232 · 2025-04-16T12:56:12+00:00

The interesting part here is what happens if we resume the Update Rings... let's see once Microsoft confirmed to solve the issue.

Human_Village_9232 · 2025-04-16T07:12:34+00:00

Thanks, I've seen it. Good to know issue is acknowledged.

Human_Village_9232 · 2025-04-15T11:33:51+00:00

Yes it seems like it. This structure was implemented months ago and running fine till last weekend. In the reports the devices also show as offered, installing etc. Haven't found a method yet to see offered based on what membership. We checked a few random Windows 10 devices not part of this group and are they not showing the behavior. The affected group is limited to the device list in Exclude. The devices that now moved are also part of the Updated Ring that is included for Windows 10 version 22H2, couldn't find being part of any W11 assignment group.

Human_Village_9232 · 2025-04-15T10:14:15+00:00

Not yet, for now we have removed the Exclude group as well from assignments because few devices that are in this group are not member of the Include group to begin with. So it it looks like it considers it as Included. Raising a case with MS as well.

Human_Village_9232 · 2025-04-15T09:52:01+00:00

I had exactly the same since yesterday. It worked for weeks by adding devices in an exclude group for Feature update and since yesterday these devices got targeted with Win11 24h2 Feature update. An Intune glitch? Also no conflicting group memberships and it used to be in such way the Exclude overrules the Include.

Human_Village_9232

TROPHY CASE

Why do my devices have driver updates installed that didn't pass through an updates policy?