Hi Jian Wong,
Has your issue been resolved yet? If it has, please consider accepting the answer as it helps others sharing the same problem benefit too. Thank you :)
Domic V.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hey desktop management, we have Intune configured to manage our business workstation updates, and we left "Include drivers from Windows Update" turned on. This morning, a cumulative OEM driver deployment went live, and now dozens of corporate users are flooding our service desk because their built-in laptop touchpads have completely stopped responding.
Hi Jian Wong,
Your strategy to halt the driver rollout by configuring the Windows Update ring to block drivers is the correct immediate containment measure. You should verify that the policy ExcludeWUDriversInQualityUpdate is being enforced via your Intune CSP configuration to ensure the Windows Update client ignores driver payloads in subsequent scan cycles. Because this policy does not trigger a driver rollback, machines already exhibiting the touchpad failure must be remediated locally. You can perform this by targeting the Device Manager to roll back to the previous driver version or by deploying a script that executes a driver rollback command via the pnputil /rollback-driver utility, which is the standard Windows command-line tool for managing driver packages.
For long-term stabilization, you must shift your management architecture to the Intune Driver Updates node. This allows you to set driver approvals to Manual, ensuring that future OEM updates remain in a pending state until your team validates them against a pilot ring. This granular control moves your environment away from the "Include drivers" toggle, which is often too broad for corporate fleets, and instead enforces a strict, validated deployment cadence that minimizes disruption. By isolating specific hardware IDs, you can ensure that critical firmware and HID drivers are never pushed to production without prior testing.
Domic V
AI answer
Take the following actions to stop the bad touchpad driver rollout and regain control using Intune and Windows Update for Business driver policies.
Do not include drivers with Windows Updates.ExcludeWUDriversInQualityUpdate.ExcludeWUDriversFromQualityUpdates.This approach stops the immediate spread of the broken touchpad driver and moves driver servicing into a controlled, ring‑based approval model using Intune’s Windows driver update policies.
References: