diff --git a/msal/token_cache.py b/msal/token_cache.py
index 66be5c9f..846c8132 100644
--- a/msal/token_cache.py
+++ b/msal/token_cache.py
@@ -126,7 +126,13 @@ def _get(self, credential_type, key, default=None):  # O(1)
 
     @staticmethod
     def _is_matching(entry: dict, query: dict, target_set: set = None) -> bool:
-        return is_subdict_of(query or {}, entry) and (
+        query_with_lowercase_environment = {
+            # __add() canonicalized entry's environment value to lower case,
+            # so we do the same here.
+            k: v.lower() if k == "environment" and isinstance(v, str) else v
+            for k, v in query.items()
+        } if query else {}
+        return is_subdict_of(query_with_lowercase_environment, entry) and (
             target_set <= set(entry.get("target", "").split())
             if target_set else True)
 
diff --git a/tests/test_mi.py b/tests/test_mi.py
index 32f9efae..864d258c 100644
--- a/tests/test_mi.py
+++ b/tests/test_mi.py
@@ -190,6 +190,10 @@ def test_happy_path_of_vm(self):
             headers={'Metadata': 'true'},
             )
 
+    @patch("msal.managed_identity.socket.getfqdn", new=lambda: "MixedCaseHostName")
+    def test_happy_path_of_windows_vm(self):
+        self.test_happy_path_of_vm()
+
     @patch.dict(os.environ, {"AZURE_POD_IDENTITY_AUTHORITY_HOST": "http://localhost:1234//"})
     def test_happy_path_of_pod_identity(self):
         self._test_happy_path().assert_called_with(