Is Microsoft’s VBS Enclave and and UWP Maps APIs Deprecation Making Windows Less Secure? Discover the Impact Now!

Should You Worry About the Discontinued Windows UWP Maps API and VBS Enclaves? Essential Migration Tips for Developers!

Microsoft has officially deprecated two significant features: Virtualization-based Security (VBS) enclaves for older Windows versions, and the Windows UWP Map Control and Maps Platform APIs. These changes affect both security-focused enterprises and app developers, making it crucial to understand the implications and next steps.

VBS Enclaves Deprecation: A Security Setback for Older Windows Versions

What Are VBS Enclaves?

• VBS enclaves are software-based trusted execution environments within a host application’s address space.
• They use virtualization-based security (VBS) to isolate sensitive code and data, protecting them from the rest of the system—even from the operating system itself.
• Common use cases include securing cryptographic operations, passwords, and other confidential workloads.

What Has Changed?

As of April 2025, Microsoft has deprecated VBS enclaves on:

• Windows 11 versions 23H2 and earlier
• Windows Server 2022 and earlier

Ongoing support will only be available for:

• Windows 11 version 24H2 and later
• Windows Server 2025 and later

Why Does This Matter?

• Deprecation means no further updates or improvements; the feature will be removed in future OS releases.
• Older Windows versions will be less secure, as they lose access to this advanced isolation technology.
• Developers relying on VBS enclaves must update their development and testing environments to Windows 11 24H2 or Windows Server 2025 to maintain compatibility and security.

Potential Reasons for Deprecation

• Microsoft has not provided a detailed explanation.
• Possible motivations include shifting to new security models, addressing vulnerabilities, or streamlining feature support.
• Notably, a critical vulnerability (CVE-2025-21370) was patched in January 2024, showing that even advanced security features need constant evolution.

What Should You Do?

1. Upgrade to Windows 11 24H2 or Windows Server 2025 if your applications depend on VBS enclaves.
2. Review your security architecture for alternative protections, especially if you cannot upgrade immediately.

Windows UWP Map Control and Maps Platform APIs: Discontinued and Unmaintained

What Are These Features?

• The Windows UWP Map Control and Maps Platform APIs allowed developers to embed mapping and location services into Universal Windows Platform (UWP) apps, leveraging Bing Maps data.
• They provided functionalities like displaying maps, querying locations, and route planning within Windows apps.

What Has Changed?

• As of April 8, 2025, both the UWP Map Control and Maps Platform APIs are deprecated.
• The controls and APIs will continue to function for now, but they will no longer receive updates, bug fixes, or new features.
• Microsoft is consolidating mapping services by merging Bing Maps for Enterprise with Azure Maps, making Azure Maps the recommended replacement.

Why Does This Matter?

• Applications relying on these deprecated APIs risk becoming outdated and potentially insecure as the platform evolves.
• Developers are strongly encouraged to migrate to Azure Maps within one year of the deprecation notice to avoid disruptions and ensure continued support.

Migration Guidance

• Start planning your transition to Azure Maps as soon as possible.
• Microsoft provides resources and migration guides to assist with this process.
• Completing migration by April 2026 is recommended to avoid any service interruptions.

By staying informed and acting quickly, you can turn these negative changes into a positive opportunity to modernize your security and mapping solutions.