Home Blog

Patch My PC Blog

Get expert insights, how-to guides, product updates, and best practices for streamlining patch management, improving endpoint security, and optimizing IT operations.

blog category feature image
When Devices Appear Active but Cannot Sync
Blog
The Illusion of Intune “Last Check-in”: When Devices Appear Active but Cannot Sync

The Intune portal can show a fresh Last check in even when the MDM certificate on the device has already expired. That timestamp only proves the device was able to touch the service. It does not prove that policy sync, app delivery, or real management is still working.

Rudy Ooms
Download IntuneWin Files from Microsoft Intune
Blog
Download IntuneWin Files from Microsoft Intune V2

Download IntuneWin files from Microsoft Intune with the rebuilt IntuneWin Downloader. This version makes it easier to find assigned Win32 apps and recover the original app content when the source files are no longer available.

Rudy Ooms
Maintenance Window Settings Catalog… And it’s Gone
Blog
Maintenance Window Settings Catalog… And it’s Gone

Maintenance Window Settings Catalog briefly showed up in the Intune In development documentation and was later pulled back. The Settings Catalog experience is no longer listed, but the Windows Update CSP still exposes the maintenance window policy settings.

Rudy Ooms
controlled configuration for microsoft defender antivirus settings
Blog
Controlled Configuration for Microsoft Defender Antivirus settings

Controlled Configuration for Microsoft Defender antivirus settings is coming. Microsoft describes it as an extension of Tamper Protection, with Intune taking control of Defender policy enforcement.

Rudy Ooms
The Autopilot profile doesn’t decide if a device is corporate
Blog
The Autopilot profile doesn’t decide if a device is corporate

A missing Autopilot profile often makes Windows show the full OOBE flow again. That looks like the device was not recognized as corporate, but the profile only controls the setup experience. The real ownership check happens later, when Intune evaluates the device identity and ZTDID during enrollment.

Rudy Ooms
When Intune Remediations Fail Troubleshooting Push Notifications.
Blog
When Intune Remediations Fail: Troubleshooting Push Notifications
Everything that depends on instant device actions (such as remediations) in Intune relies on Windows Push Notifications, and that is where troubleshooting goes blind. The Windows Notification...
Rudy Ooms
Windows 11 Hotpatch Updates, Secure Boot, and the Reset This PC Problem
Blog
Windows 11 Hotpatch Updates, Secure Boot, and the Reset This PC Problem

Windows 11 hotpatch updates can reduce reboots, but they do not move every part of Windows forward at the same pace. Microsoft has now confirmed the reset issue, while Secure Boot still depends on the baseline path.

Rudy Ooms
Blog
The Story Behind: IT1272653 and the Company Portal Stuck on Download Pending

In 1.101.103.0, Microsoft changed the IME config into a companion file, and that first transition appears to be where the file disappeared during upgrade. In 1.101.105.0, the same model remained, but the missing config could finally be recreated, which explains why the issue looked so different across both versions.

Rudy Ooms
Why an “Hourly” Intune Remediation Doesn’t Run Within the First Hou
Blog
Why an “Hourly” Intune Remediation Doesn’t Run Within the First Hour

Many assume an Intune hourly remediation runs within the first hour after assignment. In reality, the first execution depends on when the device retrieves the policy.

Rudy Ooms
Unattended Remote Help for Windows
Blog
Unattended Remote Help for Windows

A new Sidecar notification in the IME called WindowsRemoteHelpUnattended was enough to raise a bigger question: is Microsoft building unattended Remote Help for Windows behind the scenes? After tracing the IME, the Intune portal, and the Graph calls, the answer started to take shape

Rudy Ooms
View More
Getting Started
Products
Company
Resources
Additional resources