Comments

Comments

It's like "a USB-C port for AI applications..." according to the official documentation for MCP — "a standardized way to connect AI models to different data sources and tools." And now Microsoft has "revealed plans to make MCP a native component of Windows," reports DevClass.com, "despite concerns over the security of the fast-expanding MCP ecosystem." In the context of Windows, it is easy to see the value of a standardised means of automating both built-in and third-party applications. A single prompt might, for example, fire off a workflow which queries data, uses it to create an Excel spreadsheet complete with a suitable chart, and then emails it to selected colleagues. Microsoft is preparing the ground for this by previewing new Windows features. — First, there will be a local MCP registry which enables discovery of installed MCP servers. — Second, built-in MCP servers will expose system functions including the file system, windowing, and the Windows Subsystem for Linux. — Third, a new type of API called App Actions enables third-party applications to expose actions appropriate to each application, which will also be available as MCP servers so that these actions can be performed by AI agents. According to Microsoft, "developers will be able to consume actions developed by other relevant apps," enabling app-to-app automation as well as use by AI agents. MCP servers are a powerful concept but vulnerable to misuse. Microsoft corporate VP David Weston noted seven vectors of attack, including cross-prompt injection where malicious content overrides agent instructions, authentication gaps because "MCP's current standards for authentication are immature and inconsistently adopted," credential leakage, tool poisoning from "unvetted MCP servers," lack of containment, limited security review in MCP servers, supply chain risks from rogue MCP servers, and command injection from improperly validated inputs. According to Weston, "security is our top priority as we expand MCP capabilities." Security controls planned by Microsoft (according to the article): A proxy to mediate all MCP client-server interactions. This will enable centralized enforcement of policies and consent, as well as auditing and a hook for security software to monitor actions. A baseline security level for MCP servers to be allowed into the Windows MCP registry. This will include code-signing, security testing of exposed interfaces, and declaration of what privileges are required. Runtime isolation through what Weston called "isolation and granular permissions." MCP was introduced by Anthropic just 6 months ago, the article notes, but Microsoft has now joined the official MCP steering committee, "and is collaborating with Anthropic and others on an updated authorization specification as well as a future public registry service for MCP servers."

Read more of this story at Slashdot.

Comments

Long-time Slashdot reader SchroedingersCat shares this article from Deadline: Prime Video will not be renewing The Wheel of Time for a fourth season according to Deadline article. The decision, which comes more than a month after the Season 3 finale was released April 17, followed lengthy deliberations. As often is the case in the current economic environment, the reasons were financial as the series is liked creatively by the streamer's executives... The Season 3 overall performance was not strong enough compared to the show's cost for Prime Video to commit to another season and the streamer could not make it work after examining different scenarios and following discussions with lead studio Sony TV, sources said. With the cancellation possibility — and the show's passionate fanbase — in mind, the Season 3 finale was designed to offer some closure. Still, the news would be a gut punch for fans who have been praising the latest season as the series' best yet creatively... Prime Video and Sony TV will continue to back the Emmy campaign for The Wheel of Time's third season.

Read more of this story at Slashdot.

Comments

Comments

Comments

Comments

Comments