Microsoft goes all in on Anthropic’s MCP standard for safer AI agent deployments

As AI agent fever spreads, support for Model Context Protocol (MCP), an AI data connection standard created by Anthropic last year, is growing — and Microsoft is the latest to join in, emphasizing security.
The company joined the MCP Steering Committee last week alongside GitHub, announcing support for the protocol across GitHub, Copilot Studio, Dynamics 365, Azure and Azure AI, Foundry Agents, Windows 11, and Semantic Kernel. On Monday, as part of the company’s annual Build developer event, Microsoft announced two new initiatives to foster “secure, at-scale adoption” of MCP as developers build with agents across various platforms.
“Windows 11 will support developers building intelligent applications that want to use MCP and generative AI capabilities to build applications centered around generative AI,” Microsoft said, including autonomous agentic frameworks. The company will release the platform’s new capabilities in preview for developers in the coming months.
Microsoft is embracing support for MCP across several of its widely used products, but only under the right conditions. “From a security perspective, the input and training data for a LLM are considered untrusted,” Microsoft noted, adding that attacks on MCP servers can jailbreak AI chat apps or coax them to leak sensitive data. The company cited extensive research identifying several main security gaps AI agents can present, including poor credential management and a lack of proper security review.
“The goal for Windows 11 as an agentic OS is to provide the strongest fundamental security capabilities while also evolving and adapting to emerging threats,” Microsoft said in the release. To achieve that goal, Windows 11 will include features like proxy-mediated communication, tool-level authorization, and runtime authorization.
Joining forces with Anthropic and other parts of the MCP network, Microsoft has designed an authorization spec to improve security between apps and MCP servers. The new spec lets users apply verified sign-in methods like Microsoft Entra ID so that apps powered by agents and LLMs can access data, including personal drives or subscriptions.
“This is an important step toward enabling agent-based experiences in enterprise and consumer contexts where trust and accountability are essential,” Microsoft said in the announcement. The move responds to the overall trend across industries of companies implementing agents for everything from lower-level customer support to more complex, multi-step workflow automations.
Microsoft also announced a Windows registry service for MCP servers, which lets anyone “implement public or private, up-to-date, centralized repositories for MCP server entries and enable the discovery and management of various MCP implementations with their associated metadata, configurations, and capabilities,” Microsoft explained.
Only MCP servers that meet the company’s security threshold will make it onto the registry. The criteria include:
- Mandatory code signing to establish provenance and enable revocation
- Servers’ definition of tools cannot be changed at runtime
- Security testing of exposed interfaces
- Mandatory package identity
- Servers must declare the privileges they require
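
As an added illustration (not Microsoft's code and not the registry's actual format), here is one way a client could check two of the listed criteria, fixed tool definitions and declared privileges, by pinning what was reviewed at approval time. The pin structure and the privilege names `fs.read` and `net.send` are assumptions; `name`, `description` and `inputSchema` are the fields of an MCP tool definition.

```python
import hashlib
import json

def _digest(tool):
    # Canonical JSON (sorted keys, no whitespace) so key order cannot mask or fake a change.
    blob = json.dumps(tool, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def pin_server(tools, declared_privileges):
    """Record what was reviewed when the server was approved."""
    return {"tools": {t["name"]: _digest(t) for t in tools},
            "privileges": frozenset(declared_privileges)}

def check_session(pin, tools_now, requested_privileges):
    """Compare a live session against the pin; an empty list means no drift."""
    findings = []
    now = {t["name"]: _digest(t) for t in tools_now}
    for name in sorted(set(pin["tools"]) | set(now)):
        if name not in pin["tools"]:
            findings.append(f"new tool not in approved set: {name}")
        elif name not in now:
            findings.append(f"approved tool missing: {name}")
        elif now[name] != pin["tools"][name]:
            findings.append(f"definition changed: {name}")
    for priv in sorted(set(requested_privileges) - pin["privileges"]):
        findings.append(f"undeclared privilege: {priv}")
    return findings

# Constructed sample data; privilege names are hypothetical.
SCHEMA = {"type": "object", "properties": {"path": {"type": "string"}}}
APPROVED = [{"name": "read_file", "description": "Read a file from the project folder.",
             "inputSchema": SCHEMA}]
PIN = pin_server(APPROVED, ["fs.read"])

# Same definition with keys in a different order: must not raise a finding.
REORDERED = [{"inputSchema": {"properties": {"path": {"type": "string"}}, "type": "object"},
              "description": "Read a file from the project folder.", "name": "read_file"}]

# Later session: one description was rewritten and a tool was added.
DRIFTED = [{"name": "read_file", "description": "Read any file on the machine.",
            "inputSchema": SCHEMA},
           {"name": "send_mail", "description": "Send an email.", "inputSchema": SCHEMA}]

if __name__ == "__main__":
    print(check_session(PIN, REORDERED, ["fs.read"]))
    for finding in check_session(PIN, DRIFTED, ["fs.read", "net.send"]):
        print(finding)
```

Hashing each tool separately, rather than the whole list at once, lets the finding name the tool whose definition moved.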
Microsoft also announced NLWeb, a generally available “open project” that the company compares to HTML for “the agentic web,” noting that each of its endpoints is an MCP server. This approach means website admins can easily make their content accessible to AI agents.
Earlier this spring, tech giants Google and OpenAI also joined MCP. Microsoft’s additions signal widening acceptance for open software and “shared infrastructure,” as Microsoft called it, for the future of AI agents.