check before: 2025-10-01
Product:
Intune
Platform:
US Instances, Windows Desktop, World tenant
Status:
In development
Change type:
Links:
Details:
EPM will introduce a per-rule option to run elevated apps with the original user's identity context, preserving app data, save locations, and preferences. This offers a more personalized app runtime experience compared to the default virtual account.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2025-07-26
updated:
2025-09-10
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Experience Degradation
If the change is implemented without proper preparation, users may experience disruptions in their personalized app settings and data, leading to frustration and decreased productivity.
- roles: End Users, IT Support Staff
- references: https://techcommunity.microsoft.com/t5/intune-customer-success/intune-suite-endpoint-privilege-management-virtual-account/ba-p/3851230
Increased Support Tickets
The introduction of the new feature without adequate training or communication may lead to an increase in support tickets as users encounter issues with app functionality and settings.
- roles: IT Support Staff, Help Desk Technicians
- references: https://techcommunity.microsoft.com/t5/intune-customer-success/intune-suite-endpoint-privilege-management-virtual-account/ba-p/3851230
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
Imagine you have a key to your office building that lets you enter any room, but you usually only need access to your own office. Sometimes, you might need to enter a conference room or another office, but you don't want to carry around a bunch of different keys. Instead, you have a special pass that temporarily lets you into those other rooms when needed, without having to change your usual key.
Microsoft Intune's new feature, Endpoint Privilege Management (EPM), works in a similar way for computer applications. Normally, when you run an application that needs special permissions, it uses a generic "virtual account" to get those permissions. This is like using a temporary pass that doesn't remember your preferences or settings. With the new update, EPM allows applications to run with your own user identity, like using your own key, so the application remembers your settings, save locations, and preferences. This makes using the application feel more personal and tailored to you, just like being in your own office.
This change is beneficial because it ensures that when you need to use applications with higher permissions, they still feel familiar and customized to your needs, without compromising security. It’s like having the convenience of your own key with the flexibility of accessing other rooms when necessary.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-09-10 | RM Release | November CY2025 | October CY2025 |
Last updated 2 months ago ago
