A Microsoft employee disrupted the company’s Build developer conference in Seattle, Washington, this morning, protesting against the company’s cloud and AI contracts with the Israeli government. Microsoft CEO Satya Nadella had only been on stage for a matter of minutes before protesters started interrupting his speech, with one shouting “free Palestine!” Nadella continued his keynote, ignoring the protesters as they were escorted out of a hall inside the Seattle conference center.
Microsoft employee Joe Lopez, who has spent the past four years working as a firmware engineer in the company’s Azure hardware systems team, was one of the protesters who interrupted Nadella. He was also joined by a fired Google employee, who was part last year’s sit-in protests against Google’s cloud contract with Israel.
Shortly after Lopez’s interruption, he sent an email to thousands of Microsoft employees, telling them he was “shocked by the silence of our leadership,” just days after Microsoft responded to employee protests by claiming it hadn’t found any evidence that its Azure and AI tech has harmed people in Gaza.
“Leadership rejects our claims that Azure technology is being used to target or harm civilians in Gaza,” says Lopez in his email. “Those of us who have been paying attention know that this is a bold-faced lie. Every byte of data that is stored on the cloud (much of it likely containing data obtained by illegal mass surveillance) can and will be used as justification to level cities and exterminate Palestinians.”
Microsoft announced last week that it had recently conducted an internal review and used an unnamed external firm to assess how its technology is used in the conflict in Gaza. Microsoft says that its relationship with the Israel Ministry of Defense (IMOD) is “structured as a standard commercial relationship,” and that it has “found no evidence that Microsoft’s Azure and AI technologies, or any of our other software, have been used to harm people or that IMOD has failed to comply with our terms of service or our AI Code of Conduct.”
This latest employee protest comes just weeks after after two former Microsoft employees disrupted the company’s 50th-anniversary event, with one calling Microsoft’s AI CEO, Mustafa Suleyman, a “war profiteer” and demanding that Microsoft “stop using AI for genocide in our region.” A second protester interrupted Microsoft co-founder Bill Gates, former CEO Steve Ballmer, and Microsoft CEO Satya Nadella later on in the event.
The protests have been organized by No Azure for Apartheid, a group of current and former Microsoft employees rallying against Microsoft’s contracts with the Israeli government. The group accuses Microsoft of “supporting and enabling an apartheid state,“ by not suspending sales of cloud and AI services to Israel. It has also highlighted media reports that detail the Israeli military’s increased use of Azure and OpenAI technology to gather information through mass surveillance and use AI tools to transcribe and translate phone calls, texts, and audio messages.
Hossam Nasr — an organizer of No Azure for Apartheid and a former Microsoft employee who was fired for holding a vigil outside Microsoft’s headquarters for Palestinians killed in Gaza — called the company’s latest statement contradictory last week. “In one breath, they claim that their technology is not being used to harm people in Gaza, while also admitting they don’t have insight into how their technologies are being used,” said Nasr. “It’s very clear that their intention with this statement is not to actually address their worker concerns, but rather to make a PR stunt to whitewash their image that has been tarnished by their relationship with the Israeli military.”
Here is Joe Lopez’s email in full:
Fellow Microsoft workers and Microsoft leadership, By now you may have seen or heard of my disruption at the Microsoft Build keynote this morning. I have been working as a firmware engineer under Azure Hardware Systems and Infrastructure (AHSI) for the past 4 years. As a Microsoft worker – while I’ve had positive experiences here, working and learning with many incredible people – I can no longer stand by in silence as Microsoft continues to facilitate Israel’s ethnic cleansing of the Palestinian people.
Like many of you, I have been watching the ongoing genocide in Gaza in horror. I have been shocked by the silence, inaction, and callousness of world leaders as Palestinian people are suffering, losing their lives and their homes while they plead for the rest of the world to pay attention and act.
Like many of you, I have tried to do my part in small ways. Staying informed, sharing information with friends, signing petitions, making donations. All the while continuing my work at Microsoft.
My disillusionment with Microsoft
Then I came across the No Azure for Apartheid movement, whose members have been organizing, taking action, and speaking out no matter the cost. I saw Ibtihal and Vaniya’s disruption of Microsoft’s 50th anniversary on April 4 and was shocked to hear the words coming from their mouths. Microsoft is killing kids? Is my work killing kids?
I was also shocked by the silence of our leadership. By the silence of Mustafa Suleyman, Brad Smith, Kevin Scott, Scott Guthrie, and Satya Nadella. “Why aren’t they responding”? I asked myself. “If we are truly not guilty, shouldn’t they deny these horrible accusations?”
I started to look deeper. I read the articles, saw the evidence, heard the testimonies of employees who were horrified to find out that the technology that we are building is being used by Israel in their mission to erase the Palestinian people.
A switch had been flipped. Presented with this information, I went into work everyday plagued by thoughts of the suffering that is being inflicted by a United States-Israeli war machine that runs on Azure. I joined Microsoft because I truly believed that it was the “more ethical big tech”. I thought that the work that I was doing was empowering people, not causing harm.
Microsoft’s admission of complicity
Microsoft recently uploaded a blog post, marking its first official response to the concerns that many have been shouting into their ears for years. Their statement falls far short of what we are demanding. Nontransparent audits into our cloud operations in Israel (conducted by no other than Microsoft itself and an unnamed external entity) that declare no wrongdoing by the company do not give me any sense of relief. In fact, this response has further compelled me to speak out. Microsoft openly admitted to allowing the Israel Ministry of Defense “special access to our technologies beyond the terms of our commercial agreements”. Do you really believe that this “special access” was allowed only once? What sort “special access” do they really need? And what are they doing with it?
Leadership rejects our claims that Azure technology is being used to target or harm civilians in Gaza. Those of us who have been paying attention know that this is a bold-faced lie. Every byte of data that is stored on the cloud (much of it likely containing data obtained by illegal mass surveillance) can and will be used as justification to level cities and exterminate Palestinians. We don’t need an internal audit to know that a top Azure customer is committing crimes against humanity. We see it live on the internet every day.
As one of the largest companies in the world, Microsoft has immeasurable power to do the right thing: demand an end to this senseless tragedy, or we will cease our technological support for Israel. If leadership continues to ignore this demand, I promise that it won’t go unnoticed. The world has already woken up to our complicity and is turning against us. The boycotts will increase and our image will continue to spiral into disrepair.
Call to action
My future children will one day ask me what I did for the Palestinian people as they were suffering and pleading for our help. I hope they will forgive me for my previous inaction. Many of you have children who may be asking you that question today. What will you tell them?
As Israel continues its deadly blockade of Gaza, and Netanyahu continues to assert that he will not rest until Gaza is fully occupied, we know that this situation is beyond dire. I wouldn’t have risked my career and my livelihood if I didn’t believe that to the core of my being. It’s terrifying to speak up, especially right now. Imagine your home being demolished as soldiers stand by cheering.
Your friends and family members dismembered by bombs that drop daily in your neighborhood.
Every member of your community on the brink of death due to starvation
Strangers staking claims to your home, awaiting your death.
Wouldn’t you hope that someone would speak up for you?
I recognize my privilege as a young person with little financial responsibility to anyone but myself and little risk of deportation as a US citizen. Not everyone can afford to do what I did without great risk to themselves and their family. But no act is too small when human lives are at stake. Sign the petition, join the movement, start the conversation with colleagues, please contribute whatever you can to the cause.
I know many of you out there are also considering leaving Microsoft for the same reasons I am. You are not alone. If you find it is too debilitating to work at this company and you wish to leave, please lean on our campaign to support. If we continue to remain silent, we will pay for that silence with our humanity.
Looking back, I’m ashamed of my past silence. But as the saying goes: “The best time to act was yesterday, the second best time is today.”
Bluesky is making it easier to know when an NBA game is happening with a new test that adds a red border to the NBA’s profile picture, along with a “live” callout below it. When you click the profile picture, you’ll be taken out of Bluesky and to whatever live event the organization is promoting, Bluesky COO Rose Wang announced yesterday.
“We aren’t trapping you in Bluesky,” Wang writes in her post. “We want you to use Bluesky to discover what’s happening.”
In the announcement, Wang quote-posted an NBA promotional post about two games that were set to take place last night, indicating that the badge would have shown up during them. Bluesky didn’t immediately respond to The Verge’s email asking for a screenshot of the new indicator and whether it plans to extend the test to other sports or non-sports organizations. As TechCrunch points out, Wang confirmed that the feature will appear for WNBA games as well.
Though Wang doesn’t say it, her post feels like a dig at the various deals Twitter made with sports organizations like the NFL, MLB and NHL, and the NBA to stream their content on its platform, rather than linking out to their streams elsewhere. In an interview with SportsPro last month, Wang said Bluesky doesn’t have the means or desire to take on partnerships like those, but the new live badge testing shows it’s certainly not above doing what it can to nurture its burgeoning “Sports Bluesky.”
A Kansas mother who left an old laptop in a closet is suing multiple porn sites because her teenage son visited them on that computer.
The complaints, filed last week in the U.S. District Court for Kansas, allege that the teen had “unfettered access” to a variety of adult streaming sites, and accuses the sites of providing inadequate age verification as required by Kansas law.
According to the complaints, the mother, “Jane Doe,” put an old laptop in a closet at home and forgot about it. Her son, 14-year-old “Q.R.,” found it in working condition. He visited Chaturbate 30 times between August and October 2024, the complaint against Chaturbate says. “Jane Doe was vigilant in monitoring Q.R.’s devices to prevent his exposure to harmful material during this important developmental stage of his life,” NCOSE wrote in its press release. NCOSE is a conservative anti-porn lobbying group that’s gone after adult material on Reddit and Twitter in the past, and has supported efforts to ban Pornhub entirely.
💡
Do you know anything else about how adult sites are handling age verification laws, or how lobbyists are pushing for them? I would love to hear from you. Using a non-work device, you can message me securely on Signal at sam.404. Otherwise, send me an email at [email protected].
In April of last year, Kansas passed one of the most extreme age verification bills into law. “Any commercial entity that knowingly shares or distributes material that is harmful to minors on a website and such material appears on 25% or more of the webpages viewed on such website in any calendar month” falls under the purview of this law, sites that don’t comply could be fined up to $10,000 for each violation, and parents could sue for damages of at least $50,000.
Kansas criminal law defines “material harmful to minors” as involving “nudity, sexual conduct, sexual excitement or sadomasochistic abuse.”
Benjamin Bull, General Counsel for NCOSE, told local news outlet KAKE that he hopes this lawsuit will “open up the floodgates” of similar age verification based challenges in other states. Eighteen states, including almost all of the U.S. South, have age verification laws in place, according to the Free Speech Coalition, an adult industry advocacy organization. Free speech advocates and internet safety experts say these laws are archaic, ineffective for actually controlling childrens’ access to adult materials, and chilling for adults’ rights to view adult material.
Last year, Texas Attorney General Ken Paxton sued Chaturbate and other porn sites, accusing them of not complying with Texas' age verification law; Chaturbate paid Texas $675,000 to settle.
The plaintiff in these lawsuits against Chaturbate and others are asking for at least $75,000 in damages in each complaint, for “actual damages resulting from Q.R.’s access to material that is harmful to minors, including but not limited to past medical expenses, future medical expenses, past and future lost services and disability, past and future pain, suffering, and disability.” According to the law, each violation could cost the porn sites $50,000.
With the Galaxy S25 Edge and full lineup released, the Galaxy S25 FE is starting to rear its head. According to new leaks, the Galaxy S25 FE camera array may offer little change, sticking with a similar telephoto camera to last year’s model.
Sequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed.
The annual developer conference kicks off with a keynote address on Tuesday. Look out for updates on Android, Gemini, Search, and Google's latest forays into XR.
In the mood for a jauntily charming sci-fi comedy dripping with wry wit and an intriguing mystery? Check out Apple TV's Murderbot, based on Martha Wells' bestselling series of novels The Murderbot Diaries. It stars Alexander Skarsgård as the titular Murderbot, a rogue cyborg security (SEC) unit that gains autonomy and must learn to interact with humans while hiding its new capabilities.
(Some minor spoilers below, but no major reveals.)
There are seven books in Wells' series thus far. All are narrated by Murderbot, who is technically owned by a megacorporation but manages to hack and override its governor module. Rather than rising up and killing its former masters, Murderbot just goes about performing its security work, relieving the boredom by watching a lot of entertainment media; its favorite is a soap opera called The Rise and Fall of Sanctuary Moon.
President Donald Trump is expected to sign the Take It Down Act today, a bipartisan law that enacts stricter penalties for distributing non-consensual explicit images, including deepfakes and revenge porn.
There are four different models of budget-minded Asus TUFs equipped with the RTX 5060, and configuration options beyond that.
Asus is updating three of its gaming laptop lines with configurations featuring the new GeForce RTX 5060 GPU, offering features like Multi Frame Generation for higher framerates at slightly lower prices. Nvidia’s mid-range graphics are coming to the beefy ROG Strix G16 and G18, ROG Zephyrus G14 hybrid gaming / creativity laptop, and the entry-level TUF Gaming A14, A16, A18, and F16.
That’s seven new laptops from Asus. And with the 5060 becoming the new entry-level card for each line, the new configs can be around $300 to $400 cheaper than their 5070 versions. Prices on the new 5060 models are as low as $1,499.99 to slightly higher configurations (with faster CPUs, more RAM, and more storage) as pricey as $2,099.99.
That low $1,499.99 and high $2,099.99 both lie in the ROG Strix G16. The Strix G16 and G18 look much like stripped-down versions of their pricier Strix Scar counterparts, with 16- and 18-inch 2560 x 1600 240Hz displays and the same wraparound RGB light bars built into their chassis. Though, the more simplified Strix G models have IPS panels instead of Mini LED, and no fancy lid with animated LEDs. The new RTX 5060-equipped G16 and G18 are offered with Intel (Raptor Lake Refresh / Arrow Lake) and AMD (Dragon Range / Fire Range) chip options, 16GB or 32GB of RAM, and up to 2TB of storage.
As Strix laptops are bulky machines (weighing as much as seven pounds in the 18-inch model), they’re loaded with ports, including HDMI 2.1, ethernet, 3.5mm audio jack, five total USB ports for Intel models (three USB-A, one USB-C, and one Thunderbolt 4), and four total USB ports for AMD configs (two USB-A and two USB4).
The new Asus TUF Gaming laptops also come in a variety of sizes and flavors, all now equipped with less costly RTX 5060 configurations than just their current RTX 5070 configurations. Like the Strix G models, the TUFs are fairly chunky gaming-focused laptops but they make some sacrifices for the sake of reaching certain price points, like lower 144Hz and 165Hz refresh rates and the TUF A18 having an ancient USB 2.0 plug among its five total USB ports. (Heresy, I know.)
At $1,599.99 there’s the 18-inch TUF A18 and 16-inch TUF F16. The A18 comes with an AMD Ryzen 7 260 (Hawk Point) CPU and the F16 has an Intel Core Ultra 9 275HX (Arrow Lake). The TUF A14 and TUF A16 are next up at $1,699.99, with the 14-inch packing an AMD Ryzen AI 7 350 (the same Krackan Point chip I recently tested on the Framework Laptop 13) and the 16-inch getting the same Ryzen 7 260 as its bigger 18-inch sibling.
The simplest update is for Asus’s ROG Zephyrus G14 laptop, which is getting a $1,799.99 configuration with RTX 5060 graphics. The Zephyrus is Asus’s thinner gaming laptop that leans a little more towards the conventional, lending itself to traveling and not looking totally out of place in a cafe or library.
The laptop still looks as it did when the G14 was redesigned back in early 2024, with a 14-inch 2880 x 1800 120Hz OLED display, AMD Ryzen AI 9 270 CPU, 16GB of RAM, 1TB SSD, one USB4, one USB-C, two USB-A, HDMI 2.1, and a 3.5mm audio jack. Just as the recently refreshed models from CES using higher-end RTX 50-series GPUs, its USB-C ports got a tiny upgrade that allows you to use Power Delivery charging on either side. But, of course, if you want to get the most graphics power out of this compact gaming laptop you’ll have to plug in its hefty charger with reversible proprietary connector.
Since all of these laptops are equipped with the RTX 5060, they’re compatible with Nvidia’s DLSS 4 and Multi Frame Generation. While some models are available now through Asus’s online store and select retailers, the full availability of all configs is expected through June.
Web developers will be able to start leveraging on-device AI in Microsoft’s Edge browser soon, using new APIs that can give their web apps access to Microsoft’s Phi-4-mini model, the company announced at its Build conference today. And Microsoft says the API will be cross-platform, so it sounds like these APIs will work with the Edge browser in macOS, as well.
The 3.8-billion-parameter Phi-4-mini is Microsoft’s latest small, on-device model, rolled out in February alongside the company’s larger Phi-4. With the new APIs, web developers will be able to add prompt boxes and offer writing assistance tools for text generation, summarizing, and editing. And within the next couple of months, Microsoft says it will also release a text translation API.
Microsoft is putting these “experimental” APIs forth as potential web standards, and in addition to being cross-platform, it says they’ll also work with other AI models. Developers can start trialing them in the Edge Canary and Dev channels now, the company says.
Google offers similar APIs for its Chrome browser. With them, developers can use Chrome’s built-in models to offer things like text translation, prompt boxes for text and image generation, and calendar event creation based on webpage content.
I reported in my Notepad newsletter earlier this month that Microsoft was getting ready to host Elon Musk’s Grok AI models, and now it’s official. At Microsoft’s Build developer conference today, the company confirmed it’s expanding its Azure AI Foundry models list to include Grok 3 and Grok 3 mini from xAI.
“These models will have all the service level agreements (SLAs) Azure customers expect from any Microsoft product,” says Microsoft. The Grok AI models will be hosted and billed directly by Microsoft, and offered to its own product teams and customers through its Azure AI Foundry service.
It’s a surprise addition that could prove controversial internally and further inflame tensions with Microsoft’s partner OpenAI. Microsoft has been steadily growing its Azure AI Foundry business over the past year, and has been quick to embrace models from a variety of AI labs that compete with its OpenAI partner.
In January I reported in Notepad that Microsoft CEO Satya Nadella had moved with haste to get engineers to test and deploy DeepSeek R1 as it made headlines around the world. Engineers didn’t sleep much over those days while they worked overtime to get R1 ready for Azure AI Foundry.
Sources tell me Nadella has been pushing for Microsoft to host Grok, as he’s eager for Microsoft to be seen as the hosting provider for any popular or emerging AI models. Grok is the latest model to join the Azure AI Foundry, which is quickly becoming an important AI service for Microsoft as it seeks to be seen as the platform to host AI models for businesses and app developers.
The announcement of Grok on Azure AI Foundry comes just days after the chatbot spent hours telling every X user that the claim of white genocide in South Africa is highly contentious. xAI blamed the behavior on an “unauthorized modification” to Grok’s code. xAI has had a similar problem earlier this year, when the company blamed an unnamed ex-OpenAI employee for pushing a change to Grok that saw it disregard any sources that accused Elon Musk or Donald Trump of spreading misinformation.
Naturally, OpenAI CEO Sam Altman was quick to poke fun at Grok in an X post last week. OpenAI countersued Musk earlier this month over claims that the Tesla boss is using “bad-faith tactics to slow down OpenAI.” Elon Musk and OpenAI have been in a legal spat for months now, after Musk’s messy breakup with the AI lab he helped to cofound nearly 10 years ago.
Microsoft is making its Windows Subsystem for Linux (WSL) open-source today, opening up the code for community members to contribute to. After launching WSL for Windows 10 nearly nine years ago, it has been a multiyear effort at Microsoft to open-source the feature that enables a Linux environment within Windows.
“It has been a consistent request from the developer community for some time now,” says Windows chief Pavan Davuluri in an interview with The Verge. “It took us a little bit of time, because we needed to refactor the operating system to allow WSL to live in a standalone capacity that then allowed us to open-source the project and be able to have developers go and make contributions and for us to ingest those into the Windows pipeline and ship it at scale.”
The WSL code is now available on GitHub, allowing developers to download it and build it from source, participate in fixes, or even add new features. The WSL community hasn’t had access to Microsoft’s source code in the past, but that hasn’t stopped them from making contributions that have helped improve WSL over the years. Davuluri says he’s now expecting that developers will use the open-source project to help improve WSL performance, or for more integration into Linux services.
It’s a major milestone for WSL, which started off life in 2016 as part of the Windows 10 Anniversary update. “At that time WSL was based on a pico process provider, lxcore.sys, which enabled Windows to natively run ELF executables, and implement Linux syscalls inside the Windows kernel,” explains Pierre Boulay, senior software engineer at Microsoft. “Over time it became clear that the best way to provide optimal compatibility with native Linux was to rely on the Linux kernel itself.”
Microsoft announced its second major version of WSL in 2019, eventually adding GPU support and then moving to ship the project separate to Windows. “It eventually became clear that to keep up the growing community and feature requests, WSL had to move faster, and ship separately from Windows,” says Boulay. “That’s why in 2021 we separated WSL from the Windows codebase, and moved it to its own codebase.” In the latest 24H2 update for Windows 11, Microsoft has fully transitioned WSL users to a package that’s separate from Windows, instead of the WSL component that was baked into the OS.
All of these changes to WSL in recent years have led Microsoft to close off the first ever issue raised on its WSL repo on GitHub, asking “Will this be open-source?” That answer is very much yes now, and it’s a part of making Windows more developer-friendly. “Our goal is quite simple: we want Windows to be a great dev box for developers,” says Davuluri. “That’s really the ambition.”
Microsoft launched its Copilot Plus PC and Windows AI efforts last year, and now it’s going a step further today with native Model Context Protocol (MCP) in Windows and the launch of the Windows AI Foundry. The groundwork is necessary for a future envisioned by Microsoft whereby automated AI agents assist their human companions.
Introduced by Anthropic late last year, MCP is an open-source standard that’s often referred to as the “USB-C port of AI” apps. Just as USB-C connects devices from many manufacturers to a variety of peripherals, developers can use MCP to quickly let their AI apps or agents talk to other apps, web services, or now even parts of Windows. Microsoft’s embrace of this protocol is a big part of its ambitions to reshape Windows and make it ready for a world of AI agents to be able to connect to apps and services in ways that haven’t been possible before.
“We want Windows as a platform to be able to evolve to a place where we think agents are a part of the workload on the operating system, and agents are a part of how customers interact with their apps and devices on an ongoing basis,” says Windows chief Pavan Davuluri in an interview with The Verge.
Microsoft is supporting MCP in a big way inside Windows, alongside even broader efforts to power what it calls the agentic web. To evolve Windows to this agentic world that Microsoft envisions, the company is introducing some new developer capabilities to enable this MCP framework for AI agents to expose key Windows functionality that AI agents will be able to access.
An MCP registry on Windows will act as the secure, trustworthy source for all MCP servers that AI agents will be able to access. “Agents can discover the installed MCP servers on client devices via the MCP registry for Windows, leverage their expertise, and offer meaningful value to end users,” says Davuluri. MCP servers will be able to access things like the Windows File System, windowing, or the Windows Subsystem for Linux.
In a demo during a briefing for Microsoft’s MCP in Windows announcement, the company showed me an early preview of how Perplexity on Windows could leverage MCP capabilities. Instead of having to manually select folders of documents, Perplexity can simply query the MCP registry to find a Windows file system MCP server to connect to. This allows Perplexity to perform file searches on behalf of a user in a more natural way, so you could simply say “find all the files related to my vacation in my documents folder,” instead of having to add this folder or the documents manually.
You could imagine how a world of MCP servers and hosts inside Windows might eventually open the operating system up to a lot more automated app features, especially for querying data from the web inside apps like Excel. We’re also starting to see Microsoft make parts of Windows AI-powered through AI agents. Copilot Plus PCs will soon have access to an AI agent settings interface, which lets you control system settings using natural language queries.
This type of MCP functionality also opens Windows up to a world of new attack methods from malicious actors. The security risks of MCP have been well documented in recent months, with warnings of potential token theft, server compromises, and prompt injection attacks. Microsoft is well aware of the security risks of embracing MCP at such an early stage, so the company is only making a preview available to select developers to help work on its feature set and secure it fully.
“I think we have a solid set of foundations and more importantly a solid architecture that gives us all the tools to start, to do this securely,” explains David Weston, vice president of enterprise and OS security at Microsoft, in an interview with The Verge. “We’re going to put security first, and ultimately we’re considering large language models as untrusted, as they can be trained on untrusted data and they can have cross-prompt injection.”
In the demo Microsoft showed me of MCP working in Windows, there were also early security prompts to let these AI apps access MCP capabilities. “Just like a web app asks for your location, you’re in control of what you share, and we want to make sure that’s intentional,” says Weston.
This is all early work from Microsoft right now, but the demo did remind me a little of Windows Vista’s UAC prompts that would pop up whenever you needed admin permissions to do things in Windows. Those became very annoying and a subject of mocking ads from Apple. Getting these prompts right will be key for Microsoft here, as it has to balance security and the convenience of using these AI agents and apps. I sure don’t want a repeat of UAC or even Apple’s copy-paste prompts that are highly irritating in iOS right now.
Microsoft is also committing to a variety of MCP security controls that Weston outlines in a blog post today, alongside some security requirements in order for MCP servers to appear in Microsoft’s official list, or registry. “These will prevent classes of attack like tool poisoning while also creating an open and diverse ecosystem of MCP servers,” says Weston. “More information on these requirements will be available when the developer preview is released.”
Alongside this big MCP push, Microsoft is also positioning its own AI platform inside Windows as the rebranded Windows AI Foundry. It integrates models from Foundry Local and other catalogs like, Ollama and Nvidia NIMs, and is designed to allow developers to tap into models available on Copilot Plus PCs, or to bring their own models through Windows ML.
Windows ML should make it a lot easier for developers to deploy their apps “without needing to package ML runtimes, hardware execution providers, or drivers with their app,” according to Davuluri. Microsoft is working closely with AMD, Intel, Nvidia, and Qualcomm on its Windows AI Foundry effort.
GitHub is launching an AI coding agent that can do things like fix bugs, add features, and improve documentation — all on a developer’s behalf. The agent is embedded directly into GitHub Copilot, and it will start working once a user assigns it a task, according to an announcement at Microsoft Build.
To complete its work, GitHub says the AI coding agent will automatically boot a virtual machine, clone the repository, and analyze the codebase. It also saves its changes as it works, while providing a rundown of its reasoning in session logs. When it’s finished, GitHub says the agent will tag you for review. Developers can then leave comments that the agent will automatically address.
“The agent also incorporates context from related issue or PR (pull request) discussions and follows any custom repository instructions, allowing it to understand both the intent behind the task and the coding standards of the project,” GitHub says. The new coding agent is available to Copilot Enterprise and Copilot Pro Plus users through GitHub’s site, its mobile app, and the GitHub Command Line Interface tool.
Microsoft also announced that it’s open-sourcing GitHub Copilot in Visual Studio Code, which means developers will be able to build upon the tool’s AI capabilities.
Correction, May 19th: An earlier version of the article stated the AI coding agent will be available through Copilot Plus, but the service is actually called Copilot Pro Plus.
