New MCP specification kills old risks but opens fresh attack surfaces, Akamai finds - SiliconANGLE

New MCP specification kills old risks but opens fresh attack surfaces, Akamai finds

A major overhaul of the Model Context Protocol due next month removes several longstanding protocol-level security risks but hands developers a fresh set of attack surfaces to defend, according to research published today by Akamai Technologies Inc.

The analysis examines the MCP 2026-07-28 specification, the biggest architectural change to the standard since Anthropic PBC created it to connect artificial intelligence agents to external tools and data. The final version is scheduled for release on July 28, following a release candidate published in May and carries a 12-month deprecation window for some legacy functionality. Akamai’s researchers call it the protocol’s transition from a local, single-user tool into a platform built for enterprise-scale, cloud-native deployment.

The rebuild closes off a class of risks that defined earlier versions. Previous releases relied on a stateful initialization process that established long-lived sessions through the Mcp-Session-Id header, a high-value target because an attacker who stole one could impersonate an authenticated user.

The new specification removes protocol-managed sessions entirely, eliminating that vector. It also strictly limits the server-initiated prompts that earlier versions allowed, which had let a compromised server interrupt users with unsolicited and potentially malicious requests. A move to mandatory OAuth 2.1, with legacy password and implicit grants gone and protections such as PKCE required, further cuts the authentication risk.