Juerg Koller

HPIA 5.3.5 is being taken out temporarily to handle a library issue that may cause an execution exception. V5.3.4 will be back online in the meantime. Apologize for the inconvenience #HP #HPIA #MSMMOA #Intune #MECM

#Dell Command | Update 5.7.0 Re-Released (Security Update) DSA-2026-190 dell.com/support/home/e… dell.com/support/home/e… #Dell Command | Endpoint Configure for Microsoft Intune (2.0.3.217) Released (OpenSSL Security Fix) dell.com/support/home/e… #SYSADMIN #INTUNE #MECM #SCCM

Here's the Windows Roadmap from Microsoft. View the latest productivity, security and reliability updates for Windows 11 - microsoft.com/en-us/windows/… #Windows #Windows11 #Microsoft

There is a critical vulnerability in #Windows IKE, though. 😬If you are using the Always On #VPN device tunnel I'd suggest updating ASAP. msrc.microsoft.com/update-guide/e…

🚀 EAM‑AutoUpdater v1.0.0 released! This release brings several bug fixes plus new features like update rings and custom install parameters. Check it out on GitHub 👉 github.com/JanicVerboon/E…

Yes, I know HP Connect. Good Idea but also halfway finished and I'm not sure, if there is still development in HP Connect. Until November last year, the BIOS Update feature was also depending on the capsule Updates on WU. HP changed that, most likely because of the delays until a BIOS Version is available in WU. Now they switched to HP SoftPaqs but with that, you loose the advantages from the capsule updates.

@juergkoller Do you know about HP Connect? We use it primary for BIOS configuration but Update is also possible. connect.admin.hp.com

It’s 2026, and BIOS and firmware updates are still a pain. #Autopatch was a good idea, but unfortunately it takes forever for new BIOS versions to become available. Here’s an example for an EliteBook 860 G11. Now that everyone needs to be running the latest BIOS versions due to the #UEFICA2023 issue, it would be nice if it didn’t take seven months for new versions to become available in #WindowsUpdate. @ariaupdated @dan_felman @bytenerd @bdam555

even 6 weeks is a very long time for this process especially when there are critical fixes in a BIOS Update. But what I see is, that it takes 4-5 month until a new BIOS Version is available in WU and this is definitively way to long. I'm not sure, if the process into WU is faster, if the BIOS Update is flagged as critical from your side but this brings us to the next mess with the Driver Updates in Autopatch. Missing meta Information about a driver and the whole recommended/other drivers mess

@juergkoller @bdam555 HP releases BIOS and drivers to WU at the same time as we package and release the softpaq to HP.COM. MS has a ring flighting process for WU that can then delay the public availability - usually up to 6 weeks

HEY YOU! WAKE UP! Stop snoozing or you're going to miss the best technical conference. Only 20 days left to go for #MMSMOA 2026. Get your tickets now before it's too late. Register NOW! 👉 mmsmoa.com/mms2026moa May 3-7, 2026 #Microsoft #ITpros #MSIntune #Windows #ConfigMgr #PowerShell

Per popular request, we've opened up registrations for #MMSMOA 2026.....Again! It's T-Minus 20 days ONLY to #MMSMOA. Get your tickets now before it's too late. No crying if you miss out! Register NOW! 👉 mmsmoa.com/mms2026moa May 3-7, 2026 #Microsoft #ITpros #MSIntune #Windows #ConfigMgr #PowerShell

There are many what's new pages to keep up with when working with Microsoft Defender. Bookmark at least this one: learn.microsoft.com/en-us/defender…

Hotpatch = fewer reboots ✅ But also… ❌ Can break “Reset this PC” ❌ Doesn’t include Secure Boot cert updates Microsoft just officially acknowledged both. This is why “no reboot” ≠ “no complexity” Check out the full breakdown 👉 bit.ly/4tgf7He #MSIntune #PatchManagement #ITCommunity

solved... I'm not sure, if it's really solved. What I see, is every OEM tries to come up with a solution. HP Connect, Lenovo Device Orchestration, Dell Management Portal. Every solution is max halfway finished and before they are finished, they come up with a new tool. When we do a Driver and Firmware Assessment in an environment, we see a very distributed and inconsistent picture. So these tools are not working as expected.

@Reset_Vector @juergkoller They all did that a long time ago. From the OEM's standpoint, this is a solved problem. Just use their solution and you'll get everything as soon as it's published (more or less). Supporting a secondary stream (WU) is important, but solves a problem they already solved.

@bdam555 How hard can it be... Right now, there are millions of Windows devices that can't install the UEFI CA 2023 certificates because of outdated firmware versions, and many organizations aren't even aware of the problem.

@juergkoller Fair 'nuff, though I think the answer's mostly the same. The BIOS/Firmware updates need to be packaged as a 'UEFI Firmware Update Capsule' for WU; I don't know if that adds appreciable time on the OEM's part or not.

@bdam555 It's not an issue with a specific update, in my opinion, it's a general process issue. The process is broken or just takes way to long. If I filter for firmware updates in a quite large Intune tenant and sort on release date, all firmware updates are from December 2025 or older

@juergkoller For a given update, it's impossible for us mere plebians to know exactly 'why' and I doubt MS will tell. Did HP not submit it for months? Did it fail MS's testing? Did someone on either side just forget to push the 'YEET' button? The standard is ~30 days from submission.

Windows 11 Hotpatch Updates Issue: Reset This PC Windows 11 hotpatch updates sound great until you look at what it could break. Microsoft has now officially confirmed that "Reset This PC" can fail when hotpatch is enabled.... At the same time, Secure Boot certificate updates still wait for the baseline update. So yes, fewer reboots. But not less complexity. That is exactly what this blog is about and why I think Hotpatch is something we need to think about before enabling it by default. patchmypc.com/blog/windows-1… #WindowsUpdates #Hotpatch #Windows11 #Security

#Dell Command | Update 5.7.0 Released (Security Update) DSA-2026-190 dell.com/support/home/e… dell.com/support/home/e… #Dell Command | Endpoint Configure for Microsoft Intune (2.0.3.217) Released (OpenSSL Security Fix) dell.com/support/home/e… #SYSADMIN #INTUNE #MECM #SCCM

Windows Server Summit, the full agenda: techcommunity.microsoft.com/event/windowss…

Secure Boot certificates on Windows Server begin expiring in June. If you haven’t planned yet, now’s the time. Get guidance around inventory, deployment options, and next steps to stay protected: msft.it/6011QNZBZ