MSIntune Roadmap Update: Blocking Screen Capture, Genmojis, and Writing Tools

Microsoft Intune has introduced a new standalone setting for blocking screen capture, Genmojis, and writing tools. This update is particularly relevant for organizations looking to enhance their mobile application management (MAM) and security policies, especially for Apple devices.

You Should Know:

To implement these new settings in Microsoft Intune, follow these steps:

1. Log in to Microsoft Endpoint Manager:

• Open your browser and navigate to the Microsoft Endpoint Manager admin center.
• Log in with your admin credentials.

2. Navigate to Device Configuration:

• In the left-hand menu, select “Devices” and then “Configuration profiles.”

3. Create a New Profile:

• Click on “Create profile.”
• Choose the platform (iOS/iPadOS or macOS).
• Select the profile type as “Templates” and then “Custom.”

4. Configure the Settings:

• In the custom profile, add the following OMA-URI settings to block screen capture:
• OMA-URI: ./Vendor/MSFT/Policy/Config/ApplicationManagement/PreventScreenCapture
• Data Type: Integer
• Value: 1 (This value enables the screen capture block.)

• To block Genmojis and Writing Tools:

• OMA-URI: ./Vendor/MSFT/Policy/Config/ApplicationManagement/PreventGenmojisAndWritingTools
• Data Type: Integer
• Value: 1 (This value enables the block.)

5. Assign the Profile:

• After configuring the settings, assign the profile to the appropriate groups or users.
• Click “Create” to save and deploy the profile.

6. Verify the Configuration:

• Once the profile is deployed, verify that the settings are applied correctly by checking the device status in the Intune portal.

Additional Commands and Steps:

• Check Device Compliance:

• Use the following PowerShell command to check the compliance status of devices:

  Get-IntuneManagedDevice | Select-Object DeviceName, ComplianceState
  

• Monitor Intune Logs:

• To monitor Intune logs for any issues, use the following command:

  Get-IntuneAuditLogs -Filter "ActivityType eq 'DeviceConfigurationChange'"
  

• Update Intune Policies:

• To force an immediate update of Intune policies on a device, use:

  Invoke-IntuneManagedDeviceSync -DeviceId <DeviceID>
  

What Undercode Say:

The latest update to Microsoft Intune’s roadmap introduces critical features for enhancing mobile device security, particularly for Apple devices. By blocking screen capture, Genmojis, and writing tools, organizations can better protect sensitive information and maintain compliance with security policies. The provided steps and commands should help IT administrators effectively implement and manage these new settings. For more detailed information, refer to the official Microsoft Intune documentation.

References:

Reported By: Arnab Mitra – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram