Go to: https://endpoint.microsoft.com

The three policies highlighted include options to create ‘Update Profiles’ to manage Windows Updates for devices in Intune.

• Update Rings for Windows 10 and later – These specify how and when Windows as a service updates your Windows 10/11 devices
• Feature Updates for Windows 10 and later – These are bigger than quality updates. This installs a new version of windows.
• Quality updates for Windows 10 and later – These are mandatory updates that the device will download and installs every month through Windows Update. These do not include new features; they are maintenance updates meant to fix bugs and errors.

features; they are maintenance updates meant to fix bugs and errors.
We will be creating a ‘Update Ring’ for Windows. This includes both quality and feature updates.

Start off by creating and naming your Update Ring profile and clicking on next:

Configure to the settings above.
This will allow Microsoft Products and Windows Drivers to update.
There will be no delay period in beginning quality and feature options once released.
It will not upgrade Windows 10 devices to Windows 11.
Updates can be uninstalled within 10 days
Pre-released builds are disabled.
It will perform the updates between 8am and 6pm
It will perform checks before restart.
Option to pause updates will be enabled
Option to check for Windows Updates will be enabled.
It will use the default Windows Update notifications.
There will be a deadline for quality and features updates. There will be a 3 day grace period before the PC is restarted automatically.
It is set to reboot before the deadline if needed.

Assigned to all devices.

References:
• https://www.windowscentral.com/whats-difference-between-quality-updates-and-feature-updates-windows-10
• https://learn.microsoft.com/en-us/mem/intune/protect/windows-10-update-rings