Windows Feature Update Policy Settings should not reference end of support builds

Why This Matters

Windows feature update policies that point to end of support builds expose your environment to unpatched vulnerabilities and compliance gaps. Deploying deprecated Windows versions increases the attack surface because Microsoft no longer provides security updates for those builds. IT administrators must ensure feature update policies reference only actively supported Windows versions to maintain a secure and compliant Intune managed environment.

What Aether365 Checks

This check verifies that all Windows Feature Update Policy Settings in your Intune tenant do not reference Windows builds that have reached end of support. It appears in the Aether365 dashboard under the Intune checks category as a medium severity finding.