Microsoft are deprecating features in the Windows client at a quicker pace than ever, and some of these are more or less broadly used in organizations. Some of the most common ones that are now deprecated are WMIC, VBscript, TLS 1.0 and 1.1, PSR, Update Compliance and WebDAV. Some great although less used features that are deprecated lately are Defender Application Guard for Edge and Office and Windows Information Protection. Let’s have a look at what this means and what possible replacements there are!

No need to panic!

Before going into alternative solutions, keep in mind that the definition of deprecated means that the feature is no longer developed and might be removed from a future Windows version. Thus, there is absolutely no need to panic. My recommendation is to start planning for moving away from features that are deprecated, and with that communicating this information to all relevant stakeholders.

Common features in organizations that are now deprecated

This is a table of the more or less commonly used features within organizations, with potential alternative solutions.

Deprecated featureOrganizational impact from my personal viewAlternative solutions
WMICHave you ever used or still use for instance “wmic csproduct get name” or “wmic bios get serialnumber“? Those classic commands are still very much used by some and will soon be removed from out of the box in Windows.Use PowerShell is the alternative solution! More at WMI command line (WMIC) utility deprecation: Next steps | Windows IT Pro blog (microsoft.com).
Microsoft Defender Application Guard for OfficeOnly a few organizations have implemented App Guard for Office unfortunately. As it has also been a Microsoft 365 E5/E5 security add-on feature this has not had the best basis for broad use. Microsoft recommends Attack Surface Reduction (ASR) and I agree with that. I would add to that to use Defender for Endpoints which means extra scanning of documents coming from emails or internet through web browsing. See Safe Documents for more info.
Microsoft Defender Application Guard for EdgeAlthough this s a super secure browsing experience, I do not know a single organization that used this. It adds significant administration and high end-user impact so the feature never made it out into organizations.Use Edge security recommendations found in Microsoft Edge for Business security whitepaper.
Problem Steps Recorder (PSR.exe)A few organizations use this and have instructed end-users to record problems and attach to service desk. Some organizations (have) use(d) PSR to create guides.Snipping Tools which not only offers creating an image of the desktop now also offers video recording possibilities is a personal favorite and I strongly recommend everyone to use this. In the new release you can also add shapes to highlight your screen shots!
WebDAV ClientWebDAV is very much still used in many organizations. I last came in contact with this just before Xmas last year where users have the need to map on-premises SharePoint document libraries to Windows Explorer.Possible alternative solutions:
1. Moving to SharePoint Online is obvious but currently many organizations cannot do that for confidential information.
2. Enable and use Map SharePoint on-premises using OneDrive for Business.
VBscriptI have not come across any organization that do not use VBscript at all, but to be honest on more recent years most VBscripts are replaced by other means. The popular MDT (Microsoft Deployment Toolkit) which has been used by thousands or organizations over the years is still much in use and contains thousands of lines of code in VBscript.For those VBscript solutions that are still there, consider migrating them to other languages such as PowerShell. Also note that VBscript is still available as a Feature on Demand.

If you are using MDT, see this eminent guide from my fellow MVP and former colleague Johan Arwidmark.
TLS 1.0 and 1.1I think most know that TLS 1.0 and 1.1 are considered unsecure, and that anything using TLS 1.0 or 1.1 should have moved to using TLS 1.2 a long time ago. However, this is far from the case as TLS 1.0 and 1.1 are still requirements in several Line of business applications and other critical systems in organizations.Windows clients and servers will have no problems with disabling TLS 1.0 and 1.1. Line of business applications are the problem area.

Handle this with basic Application Lifecycle Management, and make sure application owners and vendors become aware of the problem and make a plan for moving to TLS 1.2 or later.
TroubleshootersTo be honest, the built-in troubleshooters in Windows that has been around since Windows 7 are not used that much in my experience. It is sad though because they offer some basic troubleshooting stuff.What I will miss are the PowerShell scripts behind the troubleshooters, which have proven to be very valuable when doing “automated troubleshooting”. Retain whatever you can from C:\Windows\diagnostics\system before these are removed.
Windows Information ProtectionBeing able to protect your company data is essential and I think a lot of organizations use Intune App Protection for iOS and Android. Under that same section was Intune App Protection for Windows, which is essentially “Windows Information Protection”.

However, although a good feature not many, to say no organizations, deployed this feature in production.
If you are looking to protect company data on your Windows devices, you should have a look at and implement Endpoint Data Loss Prevention as part of Purview.
Update ComplianceI have helped numerous customers over the years to implement Update Compliance to keep track of Windows quality and feature updates, even as a compliment if the customer is already using Configuration Manager or WSUS.Anyone using Update Compliance or want more insights into patching as a compliment should enable Windows Update for Business Reports as this adds additional value!

Sources for deprecated features and more information: