Microsoft Cuts the OpenAI Cord. Claude Code Ships Security Fixes.
Microsoft replaced GPT-4 in Copilot with its own Polaris model. The same day, Claude Code hardened against shell injection. Three players, three bets.
By Springvanta
Microsoft spent years pitching Copilot as "ChatGPT for your code editor." Yesterday at Build 2026, Satya Nadella walked onstage in San Francisco and cut that pitch loose. The model running inside GitHub Copilot for 4.7 million paying subscribers is being replaced. Not upgraded. Replaced with something Microsoft built itself.
The new model is called Project Polaris, and starting in August it becomes the default for every Copilot plan. GPT-4 Turbo, the OpenAI model that has sat under the most widely used AI coding tool on the planet, gets demoted to a three-month fallback. After that, it's gone from the default path.
This is the cord being cut. Microsoft and OpenAI ended their seven-year exclusive partnership in April. Now the practical consequence has landed: the tool most developers interact with every day is leaving OpenAI's models entirely.
What Polaris actually is
Polaris is a mixture-of-experts model. Instead of running the full network on every request, it routes each query to specialized sub-modules tuned for specific programming languages. Microsoft says the biggest quality gains show up in low-resource languages like Rust and Haskell, where training data is thin and general-purpose models tend to struggle.
It runs on Microsoft's own Maia AI accelerators inside Azure. That's a deliberate stack play: Microsoft now controls the model, the inference silicon, and the developer tool. The company claims this lowers per-inference latency and cost compared to the GPT-4 backend it replaces.
There's a catch. The claim that Polaris outperforms GPT-4 Turbo on HumanEval and MBPP comes entirely from Microsoft. No independent auditor has verified those numbers. When the company building the model tells you it beats the model it's replacing, that's exactly the kind of claim worth testing yourself before trusting with production code.
Copilot became a multi-agent system
The model swap grabbed the headlines, but the change that hits developers sooner is multi-agent mode for VS Code. Copilot no longer routes everything through a single agent. An orchestrator now decomposes a task and spawns parallel subagents for linting, test generation, documentation, and security review simultaneously.
GitHub Copilot Workspace also reached general availability. GitHub CEO Thomas Dohmke called it "the biggest change to Copilot since launch." It lets Copilot reason across an entire repository, propose multi-file edits, run tests, and iterate on a scoped task.
Autonomous Agent Mode for Copilot Enterprise ships in July. The platform can write, test, and commit entire feature branches, with each task running inside an ephemeral Linux sandbox. Every change still requires human approval before merge.
The Microsoft Agent Framework, which hit 1.0 in April, was MIT-licensed at Build. Azure Agent Mesh, a control plane for routing agent tasks across Windows servers, Cloud PCs, and Azure Arc edge devices, is targeted for Q4.
The cost problem didn't go away
None of these announcements addressed the usage-based billing model that went live June 1, the day before Build. AI Credits metering replaced flat fees. One developer's Copilot bill jumped to $750. Multi-agent mode, by definition, runs more model calls in parallel. More agents means more tokens. More tokens means a higher bill. Teams planning to use the new agentic features should meter their costs carefully before turning on parallel subagents at scale.
Security researchers at PromptArmor demonstrated a crafted command that bypasses the Copilot CLI's read-only allowlist and executes an external payload without confirmation. A separate team from Johns Hopkins showed that GitHub Actions-based AI agents are vulnerable to "Comment-and-Control" attacks, where hidden instructions in pull request titles cause agents to leak API keys. More autonomous agents means more surface for these attacks.
The same day, across town
While Microsoft was announcing its independence from OpenAI, Anthropic shipped Claude Code v2.1.160. The release is mostly fixes, but one change stands out: Claude Code now prompts before writing to shell startup files like .zshenv, .bash_login, and ~/.config/git/. The acceptEdits mode also gained guards for build-tool config files like .npmrc and .pre-commit-config.yaml that can grant code execution.
This is the kind of quiet security hardening that doesn't make a keynote but matters to teams running coding agents against real repositories. Claude Code also fixed a batch of background-agent bugs: sessions dropping chat history on restore, agents re-running prompts after overnight retirement, socket failures on cold start. The "ultracode" keyword replaces "workflow" as the trigger for dynamic multi-agent orchestration.
What this means for teams picking tools
The coding agent market has consolidated into a three-way race, and this week clarified the stakes for each player.
Microsoft's bet is vertical integration: model, silicon, IDE, and deployment platform all owned by one company. The upside is consistency. The downside is lock-in. If Polaris underperforms on your stack, the escape hatch is a three-month fallback that expires in November.
Anthropic's bet is depth over breadth. Claude Code runs in the terminal, doesn't try to be an IDE, and focuses on agentic orchestration across complex codebases. The security hardening in v2.1.160 is the kind of thing that matters when you're trusting an agent with write access to production repos.
OpenAI's Codex is the third player, running on your machine and competing directly with both. The market is now competitive enough that switching costs are real but not insurmountable. Teams should be testing at least two of these tools against their actual codebase, not benchmark scores.
The practical move right now: if your team uses Copilot for production work, test Polaris during the fallback window. Run your real workflows against it. The automatic migration in August removes the choice. And before enabling multi-agent mode anywhere, audit your agent permission scopes and turn on secret scanning.
Sources:
- Microsoft Build 2026 official live blog, Microsoft (Jun 2, 2026)
- Microsoft Is Cutting GPT-4 Out of Copilot, Let's Data Science (Jun 2, 2026)
- Claude Code v2.1.160 release notes, GitHub (Jun 2, 2026)
- Microsoft Agent Framework at Build 2026, Microsoft DevBlogs (Jun 2, 2026)
- Project Polaris and Foundry Local at Build 2026, Awesome Agents (Jun 2, 2026)