Microsoft's new agentic AI features introduce new AI-specific security risks, like prompt injection — firm acknowledges new and unexpected risks are possible

Microsoft 365 Copilot
(Image credit: Shutterstock)

Microsoft has just released a new agentic AI feature to Windows 11 Insiders, letting users have artificial intelligence execute tasks such as organizing files and sending emails. In a new support document, however, the company acknowledges the security risks that come with giving artificial intelligence access to your files. Because of this, it created an experimental feature called agent workspace, which gives the AI its own limited profile on your Windows PC.

Agent workspace is similar to a limited user profile on Windows 11: it lets the AI agent use common apps and files on your system, but prevents it from using software installed only for specific users and from accessing data locked behind the user profile directory (C:\Users\) unless it is given specific access. Microsoft says that “this setup is more efficient than a full virtual machine such as Windows Sandbox, while still providing security isolation, support for parallel execution, and keeping the user in control.” It has also ensured that AI agents produce logs of everything they do, must run with limited privileges, and can only be accessed by their original creator.
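The access rule described above, modelled as a small policy checker so the behaviour can be tried on sample paths (an added example, not Microsoft's code; the agent id, grant list, log format and the traversal and case handling are assumptions about how such a check would be written):

```python
from pathlib import PureWindowsPath
from typing import Iterable, List

# Root that the agent workspace denies by default (from the article).
USER_PROFILE_ROOT = PureWindowsPath(r"C:\Users")


def _normalize(path: str) -> PureWindowsPath:
    """Collapse '.' and '..' without touching the filesystem, so that a
    request such as 'Shared\\..\\..\\secrets.txt' is judged by where it
    actually lands rather than by its prefix."""
    p = PureWindowsPath(path)
    body = p.parts[1:] if p.anchor else p.parts
    parts: List[str] = []
    for part in body:
        if part == "..":
            if parts:
                parts.pop()
        elif part not in (".", ""):
            parts.append(part)
    return PureWindowsPath(p.anchor, *parts)

def _is_under(path: PureWindowsPath, root: PureWindowsPath) -> bool:
    # Windows paths are case-insensitive, so compare lower-cased components.
    pp = [s.lower() for s in path.parts]
    rp = [s.lower() for s in root.parts]
    return pp[: len(rp)] == rp

class AgentWorkspace:
    """One agent's limited profile (hypothetical model): allow common
    locations, deny C:\\Users\\ unless a grant covers the path, log everything."""

    def __init__(self, agent_id: str, grants: Iterable[str] = ()) -> None:
        self.agent_id = agent_id
        self.grants = [_normalize(g) for g in grants]
        self.log: List[str] = []

    def check_access(self, requested: str) -> bool:
        path = _normalize(requested)
        if not (path.drive and path.root):
            allowed, reason = False, "non-absolute path rejected"
        elif _is_under(path, USER_PROFILE_ROOT):
            allowed = any(_is_under(path, g) for g in self.grants)
            reason = "explicit grant" if allowed else "user profile dir, no grant"
        else:
            allowed, reason = True, "outside user profile"
        verdict = "allow" if allowed else "deny"
        self.log.append(f"agent={self.agent_id} path={path} {verdict}: {reason}")
        return allowed
```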

Screenshot of Microsoft's agentic AI warning

(Image credit: Tom's Hardware)

Despite those measures, the company recognizes the inherent risks of giving an AI agent unprecedented access to your machine. “Agentic AI applications introduce novel security risks, such as cross-prompt injection (XPIA), where malicious content embedded in UI elements or documents can override agent instructions, leading to unintended actions like data exfiltration or malware installation.”

Thankfully, Microsoft isn’t forcing this feature on its users (yet). The company says it’s turned off by default and that you need to specifically enable it under System > AI Components > Experimental agentic features. It also warns that you should understand the security implications of a system like this before turning it on, especially since enabling it turns it on for all users on the system.

Microsoft has been pushing hard for the adoption of AI, especially with the arrival of its Copilot+ PCs. However, it seems that most buyers do not care about their capabilities and only buy them because they’re what’s available (with some even jumping to macOS because of their frustration with Windows). Aside from this, most of the exclusive features found on these AI devices aren’t that useful for most consumers, and even ones that have potential, like Microsoft Recall, are security nightmares. While this agentic AI might be useful for the average user on the surface, it also has several red flags, even with all the limitations that the company has put on it.


Jowi Morales
Contributing Writer

Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics.

  • DS426
    I estimate that the risks are pretty high for cross-prompt injection. There are already plenty of both malicious and security-research-based attacks that have been successful. One recent example where Gmail is utilized to hijack Gemini:

    https://www.tomshardware.com/tech-industry/cyber-security/researcher-shows-how-comprimised-calendar-invite-can-hijack-chatgpt
    What's scary is that prompt injection attacks tend to be zero-click exploits. Not good!
  • SomeoneElse23
    Let's also remember how secure Windows tends to be.

    I will not be downgrading from Win10 to Win11.
  • heffeque
    SomeoneElse23 said:
    Let's also remember how secure Windows tends to be.

    I will not be downgrading from Win10 to Win11.
    I bought a new PC and sadly had to downgrade to W11.
    I'll surely try Bazzite out and hopefully "park" W11 to only use that crapware/spyware for "emergencies".
  • Heat_Fan89
    My Windows 11 PC's are my gaming rigs. I don't do anything besides clicking on a game shortcut or launch Steam or the XBOX app. This operating system jalopy needs to be given away for free. They have a lot of nerve charging people for this software.
  • USAFRet
    Heat_Fan89 said:
    This operating system jalopy needs to be given away for free. They have a lot of nerve charging people for this software.
    It mostly is.

    Free upgrade from Win 10.
    Or included with whatever prebuilt thing you bought.