Microsoft just revealed how Windows 11 is evolving into an agentic OS — finally the explanation we’ve all been waiting for

by

Microsoft recently released details about how Windows 11 is becoming more intelligent and proactive. The company says the next generation of Windows will be built around artificial intelligence, allowing your computer to handle tasks for you automatically. We now have a clearer understanding of how this will function.

Microsoft is working to make apps more helpful and secure for both individuals and businesses. To achieve this, they’re introducing a new, experimental feature called ‘agent workspace.’ This feature is currently available as a private preview for Windows Insiders, and Microsoft will be gathering feedback to improve it and ensure its security before a wider release. This limited initial access is part of a planned, step-by-step approach to adding these new ‘agentic’ capabilities to Windows.

The company describes agent workspaces as isolated areas within Windows. These spaces allow agents to access your apps and files to perform tasks for you in the background, without interrupting your work. To use this feature, you first need to turn on a new setting called ‘experimental agentic features’.

Each agent has its own separate account, different from your personal one. This keeps the agent’s actions clearly separate from yours, improving security and control. You can give agents tasks with confidence, knowing you maintain complete oversight of what they do and can manage their access whenever needed.

Currently, each AI agent will have its own dedicated Windows session – essentially its own virtual desktop. This allows the AI to run applications alongside the user, similar to how multiple user accounts work on a single computer. Microsoft explains that these virtual workspaces are designed to be efficient and secure, using only the necessary computing resources based on what the AI is doing.

This approach is faster and more streamlined than using a complete virtual machine like Windows Sandbox, but still keeps your system secure. It allows you to run things at the same time and puts you in charge. We’re constantly working to improve how it works and make sure it’s transparent, safe, and gives users control.

Microsoft emphasizes that security is paramount when developing AI-powered experiences on Windows 11. They view these “agent workspaces” as a crucial advancement in intelligent computing, and stress that security isn’t a simple addition, but an ongoing process. As these AI features improve and become more widely available, Microsoft promises to continually update and strengthen their security measures at every stage.

When building agentic OS experiences, our company emphasizes three key security principles that need to be adhered to.

  • Non-repudiation: All actions of an agent are observable and distinguishable from those taken by a user.
  • Confidentiality: Agents that collect, aggregate or otherwise utilize protected data of users meet or exceed the security and privacy standards of the data which they consume.
  • Authorization: Users approve all queries for user data as well as actions taken.​​​​​​​

I was really interested to see they’ve laid out some key guidelines for how AI assistants on Windows should be built – things like security and overall design. It’s good to know they’re thinking about this stuff from the start to make sure these AI tools are safe and work well.

  • Agents are autonomous entities. They are susceptible to attack in the same ways any other user or software components are. Their actions must be able to be contained.
  • Agents must be able to produce logs outlining their activities. Windows should be able to verify these actions with a tamper-evident audit log.
  • Agents should provide a means to supervise their activities. Many activities of agents are aggregate plans containing multiple steps. Users should be able to review the steps and approve the plan and monitor the execution of the plan. Agents must be able to explicitly request a user’s authorization or decision where necessary.
  • Agents should always act under the principles of least privilege and must not be granted permissions or capabilities exceeding that of the initiating user, including administrative rights. Authorized agent privileges should be granular, specific and time bound. Agents must only be able to access sensitive information (e.g. credit card data) in specific, user-authorized contexts such as for carrying out specific actions, such as when interacting with specific applications, or on specified websites.
  • Entities on the system – admin, local system, etc. – should not have special access to an agent other than the owner which it acts on behalf of.
  • Windows is designed to help agents adhere to Microsoft’s commitments made in the Microsoft Privacy Statement and Responsible AI Standard . Windows will support agents in processing data only for clearly defined purposes, ensuring transparency, and trust.

I’m seeing that Microsoft is really committed to bringing AI assistants – what they call ‘agentic AI’ – to Windows 11. It looks like any apps or services wanting to use these AI features within Windows 11 will have to meet specific rules and standards to work properly on the platform.

Windows 11’s AI features will work in a dedicated, isolated space, separate from your own. They’ll only access information you specifically provide. This design helps keep things secure and prevents the AI from going astray or misusing data, while also making it easy to stop if needed. It’s the best way to ensure these features are dependable and safe to use.

Microsoft has revealed that Copilot Actions will be among the first apps to use its new, more advanced AI features. Other developers will also be able to create their own AI assistants within their applications, all built using the same technology Microsoft shared today.

Read More

2025-11-18 02:40