GitHub

News from IT House, June 3, Microsoft presented at the Build 2026 Congress today. Windows The platform ' s security program for AI smarts was officially launched Microsoft Exchange ConsultantsSDK the early preview.

The SDK is designed for Windows and WSL (applies to Linux The AI smart body on the Windows subsystem provides a cross-platform, policy-driven implementation layer.

As AI intelligents move from simple questions and answers to autonomous cross-system operations, this also poses new challenges to control and trust mechanisms in the computing environment. Microsoft points out that the development of an intelligent body that can read documents, call services, modify the environment and operate at high speed raises a key issue: How to ensure their trustworthiness when these systems operate on a large-scale, autonomous basis on real data.

In response, Microsoft has expanded its security boundaries from application and model layers to operational systems by using isolation, identity and management as the basic security elements of Windows.

Microsoft has previously shared its principles for protecting intelligent workflows on Windows and announced in May this year that Microsoft Agent 365 will expand its capabilities, including the detection and management of local intelligence bodies on Windows (IT House Note: Initial support for OpenClaw smarts will be extended to GitHub Copilot CLI and Claude. A wider intelligence like Code. On Build 2026, Microsoft announced that Agent 365 and Windows were working together to provide these capabilities by introducing MXC SDK.

MXC SDK was described as providing the developers with an abstract layer, encapsulating the underlying seclusive base, so that the developers did not have to deal with low-level isolation details. Through this SDK, developers can define in their applications and smarts the content to be bound, while Windows enforces these policies while running through MXC. This combustible sandbox mechanism allows the same set of strategic models and SDK to map different isolation structures according to different work loads and segregation needs.

Windows supports multiple segregation options to meet the diverse needs of intelligent ecosystems. In the early preview to be released shortly after the General Assembly in Build, the following two core isolations will be included:

Process isolation: Provides rapid, light-weight isolation for intelligent bodies in the user environment. It can limit the code generated by the model to the boundaries of the dedicated process, allowing access to documents and network domains only, as permitted by the strategy. This approach is well suited to a coded intelligence that requires high response speed. It was described that GitHub Copilot CLI had adopted MXC process isolation to regulate its dynamic generation and code enforcement behaviour.

Session segregation: Workloads that apply to a large number of long-term running processes or that require independent resources (e.g., to run automated desktops). The session in Windows isolates the implementation environment of the smart body from the interactive desktop, clipboard, UI, input device, etc. of human users, which effectively mitigates risks such as UI fraud, tip-in and cross-session data leakage. Each session is run using a separate user account, Windows will assign a local ID or cloud pre-assembled identity to the packaging, supported by Entra, and attribute all the activities of the container to this identity, thus clearly distinguishing between the operation of humans and intelligence.

In addition to the above-mentioned released functions, Microsoft has published the MXC road map for the future development of security containment capabilities, including:

Micro-VM: For high-risk workloads, virtual machine monitoring processes are used to provide hardware-based isolation, light-weight mirrors are used to achieve higher density than full virtual machines while increasing the intensity of isolation. This is particularly relevant for smart bodies that handle sensitive data or run unreliable external codes.

Linux packagings: Introduce the isolation model into the Linux-centric smart body tool chain through WSL, achieve ecological compatibility with the Linux ML framework and software package, and have a border enforcement capability at the operating system level.

Windows 365 for Agencies: The service is now fully operational. It extends the isolation from local equipment to cloud PC. Smart bodies run on cloud PCs managed by Intune, in complete isolation from user devices. In the future, Windows 365 for Agencies will integrate MXC, extending from light-weight local isolation to a stronger hardware-level isolation border through a unified SDK model.

In addition, Microsoft is working closely with its partners in the ecosystem to ensure that its isolation programme meets the actual needs of developers.

OpenClaw is now available on Windows to safely run its nodes and gateways using MXC; NVIDIA based MXC-based OpenShell has landed on Windows; Hermes Agent will also integrate OpenShell and MXC in its new Windows application.

The Chief Executive Officer of Nous Research, Dillon Ronick, said: “The local smarts that are running on a continuous basis need to be clearly isolated, the developers need to control what the smarts can access and believe that these controls are effective. OpenShell, integrated with MXC, provides a strategy-driven basis for private device end-end intelligence on Windows.”

OpenAI A technical team member, David Wiesen, said, "With the development of MXC in collaboration with Microsoft, we have been able to explore new models for the safe and efficient generation and enforcement of codes by AI smarts. Combining Codex's capabilities with the MXC's implementing environment is designed to help developers move faster from intent to reliable implementation, while maintaining the security and control required by the enterprise.”

Manus Chief Product Officer Zhang Tao stated: “With the help of MXC, Windows provides developers with a strategy-driven approach to define what intelligent bodies can access and enforce these boundaries when they run, thus enabling more autonomous intelligent bodies to operate safely in an enterprise environment.”

In terms of the safety base, Windows has by default reduced the impact surface and increased the security baseline so that intelligent bodies can inherit these protections without extra work, mainly through uncoded login, non-renewal heat patches updated and used Rust. Develop a driver to reduce memory security gaps and back-quant cryptography in the Insider version.

Microsoft also announced that its multi-model smart body scanning tool, MDASH, has been integrated into Microsoft Defender and has opened an extended preview to eligible organizations.

MDASH was first seen several weeks ago to dispatch dozens of specialized AI smarts to find holes in the code library with OpenAI's Daybreak,Anthropic The tools Claude Security, Project Glasswing and Mythos compete.

Microsoft states that MDASH is differentiated by a configurable model designed for different uses, including a “heavy reasoning” model and a low-cost model that can be used for high-volume-cutting operations. When first published three weeks ago, MDASH scored 88.45 per cent in the publicly available CyberGym benchmark test, which has now risen to 96.55 per cent, which is also the industry benchmark.

In addition, Microsoft Defender can provide real-time protection against emerging intelligent threats such as alert injection. Corporate governance is the key platform capacity that Windows has long provided to IT and security teams. Agent 365 has now provided observable, governance and security capabilities for original integration for smarts that operate on Windows operating system environments (e.g. MXC and Windows 365 for satellites) to ensure that they are safe from the outset.

Microsoft indicated that many of the above-mentioned security capabilities had been provided in the latest Windows Insider preview and that more functionality would be rolled out through the Developer Preview. Developer can now start building a safer AI smart body by exploring Microsoft Exchange Consultants SDK.

Advertising statements: The external jump links (including not limited to hyperlinks, 2D codes, passwords, etc.) contained in the text are used to convey more information and save time for selection purposes only for reference purposes, which are included in all IT House articles.