Whats New Intune 2505: Updates in Security & Control
Discover whats new in Intune 2505: Deny rules for elevation, Linux AV exclusions, Android root detection, RBAC changes, and more cross-platform features.
MICROSOFT INTUNE
5/30/20252 min read


🔄 Microsoft Intune Update: Week of May 26, 2025 (Service Release 2505)
Greetings, fellow IT professionals and Intune admins!
Microsoft just rolled out the 2505 service release, and it's packed with updates that enhance endpoint security, improve cross-platform device management, and give you even more control over enrollment and app protection. Here's a breakdown of what’s new and why it matters:
🔐 Endpoint Privilege Management: Now with Deny Rules
Intune's Endpoint Privilege Management (EPM) now allows you to explicitly deny elevation for specific files. This means you can block known malicious or unwanted applications from ever being executed with elevated privileges—adding a powerful layer of protection to your environment.
❗ Deny rules support the same configuration options as other elevation types, except for child process handling.
Learn more: Endpoint Privilege Management overview
📱 New Protected Apps for Intune
These apps are now protected by Intune’s app protection policies:
Windows App by Microsoft (Android)
Microsoft Clipchamp (iOS)
4CEE Connect by 4CEE Development
Mobile Helix Link for Intune by Mobile Helix
App protection continues to expand across platforms to help secure your data wherever your users are.
More info: Protected apps documentation
🤖 Custom Naming Templates for AOSP Devices
You can now configure custom device naming templates for Android AOSP devices during enrollment. Combine static text and dynamic variables like device type, serial number, or username to keep naming consistent and useful.
Guides:
🔐 RBAC Update: Restricted Access to Enrollment Limits
Intune is tightening up role-based access control (RBAC). Users with the “Policy and Profile Manager” role now have read-only access to device enrollment limit policies. Only Intune Administrators can create or edit them.
📊 Cross-Platform Device Inventory Improvements
Intune now collects:
74 default inventory properties from Apple devices
32 from Android devices
This boosts visibility across platforms and simplifies compliance and asset management.
More info: View device details in Intune
🆘 Enhanced Security for Remote Help (Android)
Remote Help sessions on Zebra and Samsung corporate-owned dedicated devices now block the screen and notify users during unattended sessions—enhancing transparency and trust.
Details: Remote Help for Android
👥 Remote Actions Now Require Multiple Admin Approvals
Security just got smarter. The actions Retire, Wipe, and Delete now support Multiple Administrative Approval (MAA). This prevents unauthorized use by requiring a second admin to confirm sensitive actions.
Learn more: Use multiple admin approvals in Intune
🛡️ Detect Rooted Android Enterprise Devices
New compliance settings now let you detect if corporate-owned Android devices are rooted. These devices can automatically be marked as noncompliant.
Supported for:
Fully managed devices
Dedicated devices
Work profile (corporate-owned)
Details: Device compliance for Android Enterprise
🐧 Linux: New AV + EDR Exclusions Profile
For Linux devices managed via Microsoft Defender for Endpoint, you can now configure global exclusions (file, folder, or process) that apply to both Antivirus and EDR. This is critical to avoid unnecessary alerts and fine-tune protection.
⚠️ Not supported for Linux devices managed directly in Intune.
Details: Configure security on Linux
🧩 SimInfo Collection for Windows Devices
Enhanced device inventory on Windows now includes SimInfo data, giving admins even more detailed information when managing Windows endpoints.
More: Intune Data Platform
✅ Final Thoughts
This update reinforces Microsoft’s focus on security, usability, and multi-platform support. Whether you're protecting Android fleets, managing Linux exclusions, or enforcing strict role-based access — Intune keeps evolving to meet enterprise needs.
Stay tuned for more expert breakdowns, and be sure to subscribe to stay ahead of the curve!
Subscribe to our newsletter
Stay in the Loop – Join Our Newsletter