From 32a15dab414429821cb09275bd9b338f468d8fa2 Mon Sep 17 00:00:00 2001 From: Mark Goodman <19527097+silvermarkg@users.noreply.github.com> Date: Tue, 4 Jul 2023 17:28:20 +0100 Subject: [PATCH] Windows Drivers update setting to block drivers In the 'Locations of policies that exclude drivers' list, the Windows Drivers update setting indicated being set to Allow blocks drivers. I beleive this should be Block and not Allow. --- .../includes/wufb-deployment-driver-policy-considerations.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/update/includes/wufb-deployment-driver-policy-considerations.md b/windows/deployment/update/includes/wufb-deployment-driver-policy-considerations.md index d8c96ee718..6e602493b9 100644 --- a/windows/deployment/update/includes/wufb-deployment-driver-policy-considerations.md +++ b/windows/deployment/update/includes/wufb-deployment-driver-policy-considerations.md @@ -20,7 +20,7 @@ The following policies exclude drivers from Windows Update for a device: - **Group Policy**: `\Windows Components\Windows Update\Do not include drivers with Windows Updates` set to `enabled` - **CSP**: [ExcludeWUDriversInQualityUpdate](/windows/client-management/mdm/policy-csp-update#excludewudriversinqualityupdate) set to `1` - **Registry**: `HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ExcludeWUDriversFromQualityUpdates` set to `1` - - **Intune**: [**Windows Drivers** update setting](/mem/intune/protect/windows-update-settings#update-settings) for the update ring set to `Allow` + - **Intune**: [**Windows Drivers** update setting](/mem/intune/protect/windows-update-settings#update-settings) for the update ring set to `Block` **Behavior with the deployment service**: Devices with driver exclusion polices that are enrolled for **drivers** and added to an audience though the deployment service: - Will display the applicable driver content in the deployment service @@ -42,4 +42,4 @@ The following policies define the source for driver updates as either Windows Up - Will install drivers that are approved from the deployment service > [!NOTE] -> When the scan source for drivers is set to WSUS, the deployment service doesn't get inventory events from devices. This means that the deployment service won't be able to report the applicability of a driver for the device. \ No newline at end of file +> When the scan source for drivers is set to WSUS, the deployment service doesn't get inventory events from devices. This means that the deployment service won't be able to report the applicability of a driver for the device.