(159) Microsoft Intune - Microsoft Edge WebView2
- Mr B SOE way
- Mar 27
- 2 min read
Had customers who wanted me to ensure that Microsoft Edge WebView2 updates automatically, as the base version of Windows 11 comes with Version 122.x.x.x. For that to happen we need to make sure Edge WebView2 installs to the latest.
The easiest way would be creating a Win32 app with the following:
Install.ps1 as follows:
if ("$env:PROCESSOR_ARCHITEW6432" -ne "ARM64")
{
if (Test-Path "$($env:WINDIR)\SysNative\WindowsPowerShell\v1.0\powershell.exe")
{
& "$($env:WINDIR)\SysNative\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy bypass -NoProfile -File "$PSCommandPath"
Exit $lastexitcode
}
}
#Script Variables
$AppName = "WebView2 Install 132.0.2957.140"
$AppDir = "$($env:ProgramData)\IntuneApps\$($AppName)"
$TagFile = "$($AppDir)\$($AppName).tag"
$Transscript = "C:\ProgramData\Devicie\logs\$AppName.log"
$MSILog = "C:\ProgramData\Devicie\logs\Install-$AppName.log"
# Create log directory
if (-not (Test-Path $($AppDir)))
{
Mkdir $($AppDir)
}
# Start logging
Start-Transcript $Transscript
# Install App
$Status = (Start-Process "$($PSScriptRoot)\MicrosoftEdgeWebView2RuntimeInstallerX64.exe" -ArgumentList '/silent /install' -wait -PassThru).ExitCode
# Set Flag file for Intune Detection
if (($Status -eq 0) -or ($Status -eq 3010))
{
Set-Content -Path $TagFile -Value "Installed"
} else {
Write-Host "Install failed with error $($Status), check $($MSILog) for more information"
}
Stop-Transcript
Exit $StatusMake sure to navigate to https://developer.microsoft.com/en-us/microsoft-edge/webview2?form=MA13LH#download to download 'Evergreen Standalone Installer'
It should look like this:
Next prepare your Detect.ps1 file, which should look like this:
# Define the registry key and the value we're looking for
$registryKey = "HKLM:\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\Clients\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}"
$versionValueName = "pv"
# Check if the registry key exists
if (Test-Path $registryKey) {
# Retrieve the value of the "pv" entry (the version)
$installedVersion = Get-ItemProperty -Path $registryKey -Name $versionValueName -ErrorAction SilentlyContinue
if ($installedVersion) {
# Extract the version number
$installedVersion = $installedVersion.$versionValueName
# Define the required version for comparison
$requiredVersion = [version]"134.0.3124.83"
# Compare the installed version with the required version
if ([version]$installedVersion -ge $requiredVersion) {
Write-Output "The installed version ($installedVersion) is greater than or equal to $requiredVersion."
}
else {
Write-Output "The installed version ($installedVersion) is less than $requiredVersion."
}
}
else {
Write-Output "The version value ($versionValueName) was not found in the registry."
}
}
else {
Write-Output "The registry key does not exist."
}
If detect.ps1 fails, you can try to add it manually in Intune:
Rule type: Registry
Key Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\Clients\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}
Value name: pv
Detection method: Version comparison
Operator: Greater than or equal to
Value: 134.0.3124.83
Associated with a 32-bit app on 64-bit clients: Yes
Wrap it up as a Win32 app with https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool, then upload to Intune.
Note:
Install command line:
%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -windowstyle hidden -executionpolicy bypass -command .\install.ps1
Install behaviour must be in 'System' Context as it applies to the HKLM
Once Win32 app is packaged, it should look like this:
Commenti