Microsoft acknowledges an issue where a security baseline update in Intune resets the entire baseline to default values.
Troubling news for administrators who have customized the security baseline in Microsoft Intune for their organization. An update of the baseline, for example from version 23H2 to 24H2, causes the customizations to disappear.
The baseline is a template with configuration settings, used by administrators to tailor the settings of systems and their organization. Microsoft provides the template with its own settings based on best practices, which is a good thing in itself. Those who don’t change anything will thus work with well-thought-out default settings.
Manually Readjust
IT environments are not one-size-fits-all, so administrators can adjust the template to what works for their organization. Unless they implement the update, it now appears, because then Microsoft overwrites the adjustments again with the default values.
The “solution” isn’t really one: those faced with the issue may manually readjust everything. Microsoft realizes this isn’t ideal and is working on a better remedy. You can read more about it here.