Microsoft Unveils 7 New AI Models, Focuses on Enterprise Governance

Microsoft has announced seven new AI models, including one for efficient coding, and is focusing on making them more useful and less costly for businesses and developers. The company is adding new security and control features across Windows, GitHub, and Azure, which may help companies manage risks. These models are made for specific tasks like reasoning, coding, speech, and images, and can work with other AI services. Microsoft also introduced new tools and policies to help control and monitor how AI is used, which might support following future regulations. The overall plan suggests Microsoft wants to make it easier for companies to use AI safely and efficiently.

Microsoft unveiled 7 new AI models at its Build 2026 event, signaling a strategic shift toward enterprise governance and cost-effective, purpose-built AI. The company is integrating new security and control layers across Windows, GitHub, and Azure to help businesses adopt AI safely and efficiently, reducing risk without stifling innovation.

Seven in-house models tuned for distinct tasks

Microsoft's seven new in-house models are specialized for different enterprise needs. They include MAI-Thinking-1 for complex reasoning and MAI-Code-1 for efficient coding, alongside five others covering speech, image analysis, and scientific discovery. This approach prioritizes performance and cost-effectiveness for specific workloads.

According to the official Build 2026 blog, the new models include MAI-Thinking-1 for reasoning and MAI-Code-1 for coding. MAI-Thinking-1 is described by Microsoft as a 35 billion active parameter model with a 256K context window, available in private preview via Foundry.

Bullet list of roles, according to Microsoft documentation:
- MAI-Thinking-1: enterprise reasoning with lower token cost
- MAI-Code-1: inference-efficient coding inside VS Code
- Five additional models covering speech, images, scientific discovery, and lightweight chat workloads

This initiative does not lock customers into a single ecosystem. Microsoft confirmed its models will coexist with endpoints from Fireworks AI, Baseten, and OpenRouter, positioning Foundry as a central platform for building with and governing a diverse mix of Microsoft, third-party, and locally-run models.

Windows adopts an agent-native runtime

Windows is now positioned as an agent-native runtime, secured by Microsoft Execution Containers (MXC). As detailed in a Windows platform security post, MXC is an early-preview, policy-driven execution layer/SDK for agents on Windows and WSL that enforces developer-defined constraints at runtime and abstracts over multiple isolation primitives. The same policy model can map to different isolation constructs, with the post specifically mentioning process and session isolation. Each container is linked to an Entra ID for comprehensive auditing of all file and network activity.

For common workloads, Microsoft engineers highlighted two primary containment modes: lightweight process isolation for high-speed tasks like code generation, and session isolation for agents that interact with the user's desktop or clipboard. A key advantage noted by early testers is that policy enforcement resides at the OS level, potentially eliminating the need for custom sandbox logic within individual applications.

Open governance through Agent Control Specification

Microsoft has also introduced the Agent Control Specification (ACS), an open-source governance language for AI agents. Housed in the Agent Governance Toolkit, ACS uses YAML rules to define policy checkpoints for agent inputs, LLM calls, and tool execution, enabling actions like "allow," "deny," or "escalate." Its cross-framework design is evident through existing adapters for popular tools like LangChain, the OpenAI Agents SDK, and Semantic Kernel.

Furthermore, ACS integrates with the ASSERT evaluation framework, allowing development teams to verify policy compliance without slowing down deployment cycles. The specification's controls are already mapped to critical external standards like the OWASP Agentic AI Top 10 and the EU AI Act, signaling Microsoft's intent to provide a ready-made solution for regulatory alignment.

Context services round out the stack

The stack is completed by the new Microsoft IQ and Work IQ APIs, which were announced as part of the Build 2026 security initiatives. These APIs securely feed enterprise and world knowledge into AI models. Specifically, Work IQ allows agents to access contextual data, such as customer records or product SKUs, without directly exposing sensitive databases, thereby reinforcing the security provided by ACS and MXC.

Together, these components form a vertically integrated AI stack: organizations can create with specialized models, ground their outputs with IQ context layers, run them securely in MXC containers, and manage them with ACS governance policies.