Microsoft Intune continues to evolve as the leading endpoint management solution with the latest 2503 service release rolling out in the week of March 17, 2025. This update introduces powerful enhancements across device management, security, and app protection—ensuring organizations have the modern tools needed to stay secure and productive.
In this article, we’ll break down all the key features and improvements introduced in Microsoft Intune 2503, including support for ARM 64-bit devices, Apple platform updates, new LAPS settings, Remote Help enhancements, and more.
✅ Endpoint Privilege Manager Now Supports ARM 64-bit Devices
One of the most notable updates in Intune 2503 is the Endpoint Privilege Manager (EPM) gaining support for ARM 64-bit Windows devices. Admins can now manage file elevations and enforce privilege policies on devices running ARM-based Windows systems, expanding compatibility for modern hardware.
Applies to:
- Windows
- Device Configuration
📱 New Apple Device Management Settings in the Settings Catalog
The Apple Settings Catalog in Microsoft Intune has been updated with new configuration options, giving IT admins more control over iOS, iPadOS, and macOS devices.
iOS/iPadOS – Restrictions
- Allow Apple Intelligence Report
- Allow Default Calling App Modification
- Allow Default Messaging App Modification
- Allow Mail Smart Replies
- Allow Notes Transcription
- Allow Safari Summary
macOS – Remote Desktop and Restrictions
- Remote Desktop
- Allow Apple Intelligence Report
- Allow Mail Smart Replies
- Allow Notes Transcription
- Allow Safari Summary
Where to find these settings:
Go to Devices > Manage devices > Configuration > Create > New policy > Choose platform (iOS/iPadOS or macOS) > Settings catalog
Applies to:
- iOS/iPadOS
- macOS
🔐 Enhanced Windows LAPS Policy Management
The Windows Local Administrator Password Solution (LAPS) in Intune has received major upgrades with new settings and enhanced options.
🆕 New LAPS Settings
- Automatic Account Management Enable Account
- Automatic Account Management Enabled
- Automatic Account Management Name Or Prefix
- Automatic Account Management Randomize Name
- Automatic Account Management Target
- Passphrase Length
🔄 Updated Settings
- Password Complexity now includes:
- Passphrase (long words)
- Passphrase (short words)
- Passphrase (short words with unique prefixes)
- Post Authentication Actions:
- Reset password, log off managed account, and terminate remaining processes
All settings default to Not Configured, meaning existing policies remain unchanged until updated.
Applies to:
- Windows
🆙 Enforce Latest OS Versions with Declarative Device Management (DDM)
Using DDM (Declarative Device Management), IT admins can now configure automatic OS updates for Apple devices.
Key Settings
- Enforce Latest Software Update Version – Force upgrade to latest available OS
- Delay In Days – Set grace period before enforcement
- Install Time – Define time of day for update enforcement (24-hour format)
Where to configure:
Devices > Manage devices > Configuration > Create > New policy > Choose iOS/iPadOS or macOS > Settings catalog > Declarative device management
Applies to:
- iOS/iPadOS
- macOS
🖥️ Remote Help Now Supports Azure Virtual Desktop Multi-Session
Remote Help expands its functionality with support for multi-session environments in Azure Virtual Desktop (AVD). Now, multiple users on a single virtual machine can receive remote assistance via Intune.
Key Benefits:
- Enhanced scalability for remote support
- Streamlined user session management in AVD
Learn more:
Check out Remote Help documentation
🤖 Copilot-Powered Device Querying
Intune now features Copilot integration for querying device data using KQL (Kusto Query Language). Generate advanced queries across your device fleet with natural language input.
How to access:
Microsoft Intune Admin Center > Devices > Device Query > Query with Copilot
📲 New Protected Apps Available for Microsoft Intune
New protected apps have been added to the Intune ecosystem, further expanding secure mobile productivity options:
- FacilyLife by Apleona GmbH (iOS)
- Intapp 2.0 by Intapp, Inc. (Android)
- DealCloud by Intapp, Inc. (Android)
- Lemur Pro for Intune by Critigen LLC (iOS)
Explore all protected apps:
Microsoft Intune protected apps
Final Thoughts: Staying Ahead with Intune
The March 2025 Intune 2503 release represents Microsoft’s commitment to security, cross-platform support, and AI-driven device management. Whether you're managing ARM-based devices, fine-tuning Apple settings, enforcing OS updates, or leveraging AI like Copilot, Intune continues to empower IT teams to do more with less.
👉 Stay up to date with future Intune releases by following the official Intune What's New page.
