Xbox live is mainly built on a custom VPN protocol. The only part they don't encrypt is their chat in order to allow "lawful intercept". This is a custom protocol to allow this at the level of TCP and UDP called VDP so that you can't really forget to flip the 'don't encrypt' flag for surveillance.
They also switched Skype to using a centralized system for signalling when they acquired it. It's still decentralized at the protocol level, simply Microsoft whitelists their own nodes as supernodes.
Kind of an older article, but illustrates the situation pretty nicely.
Microsoft has also done development work in recent years to enrich the data with more identifiable information and to make the data easier to process for surveillance.
The article you've linked to doesn't seem to implicate them in particular. Apple, Google and dozens of other then-popular companies were also forced into positions of security compromise as well.
Because of the name, however, it was speculated that the key would allow the United States National Security Agency (NSA) to subvert any Windows user's security.
Not only is that poor "proof", how do you propose a public key be used to subvert any user's security?
What is a good example?