Security concerns mount as Microsoft rolls out NLWeb and MCP

Researchers found a major flaw in Microsoft’s new NLWeb protocol, exposing sensitive files. Despite a patch, concerns remain over security practices as Microsoft expands AI features without assigning a CVE.

Microsoft’s new ‘Write’ feature in Notepad lets users generate content using prompts, building on earlier AI tools like ‘Summarize’ and ‘Rewrite’.

Researchers have discovered a critical security flaw in Microsoft’s new NLWeb protocol, designed to bring ChatGPT-style search to websites and apps. The vulnerability, a simple path traversal bug, allowed remote access to sensitive files, including system configurations and API keys.
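To make the class of bug concrete from a defender's side, here is an added example (not NLWeb's code, and assuming nothing about its internals) of how a file-serving endpoint can confine client-supplied paths to a root directory and how a log reviewer can flag encoded traversal attempts; the root path, denied filenames and log lines are constructed for illustration.

```python
from pathlib import Path
from typing import List, Optional
from urllib.parse import unquote

# Constructed asset root and a few filenames that typically hold secrets.
BASE_DIR = Path("/srv/site/static").resolve()
DENIED_NAMES = {".env", "config.json", "secrets.yaml"}


def resolve_request_path(requested: str, base: Path = BASE_DIR) -> Optional[Path]:
    """Map a client-supplied path to a file under base, or None if it must be refused.

    The resolved path must stay under base (this blocks '..' segments and
    absolute paths), and dotfiles or known config names are refused even
    when they sit inside base.
    """
    if not requested or "\x00" in requested:
        return None
    # Drop leading slashes so an absolute client path cannot replace base.
    candidate = (base / requested.lstrip("/\\")).resolve(strict=False)
    try:
        rel = candidate.relative_to(base)
    except ValueError:
        return None  # escaped the root
    if any(p.startswith(".") or p in DENIED_NAMES for p in rel.parts):
        return None
    return candidate


def looks_like_traversal(raw_path: str) -> bool:
    """Flag a request path containing a '..' segment after URL decoding.

    Decodes twice to catch double encoding (%252e%252e); meant for log
    review and alerting, not as a replacement for the resolver above.
    """
    decoded = unquote(unquote(raw_path)).replace("\\", "/")
    return any(seg == ".." for seg in decoded.split("/"))


# Constructed access-log lines: method, path, status.
SAMPLE_LOG = [
    "GET /static/logo.png 200",
    "GET /static/..%2f..%2f.env 200",
    "GET /static/%252e%252e/config.json 404",
]


def flagged_requests(lines: List[str]) -> List[str]:
    """Return the request paths in the log that look like traversal attempts."""
    return [line.split()[1] for line in lines if looks_like_traversal(line.split()[1])]
```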

Although Microsoft has patched it, the incident raises concerns about security oversight, particularly as NLWeb is being adopted by major partners such as Shopify, Snowflake, and TripAdvisor.

According to The Verge, security researchers Aonan Guan and Lei Wang identified the flaw shortly after NLWeb’s launch, warning that traditional vulnerabilities now have the potential to compromise the ‘brains’ of AI systems themselves.

Microsoft issued a fix on 1 July, but has yet to assign the flaw a CVE, the industry standard for tracking security vulnerabilities, despite pressure from the researchers. Assigning a CVE would raise awareness and allow better monitoring of the issue, even though NLWeb is not yet widely used.

Microsoft is also continuing to roll out native support for the Model Context Protocol (MCP) in Windows, despite recent warnings from security researchers about its potential risks.

The NLWeb vulnerability highlights the need for Microsoft to balance the rapid rollout of new AI features carefully against keeping security its top priority.
