- Microsoft is preparing the ground to test AI agents in Windows 11
- A new blog post provides some key details on how these agents will work
- Microsoft is stressing the security and privacy aspects of keeping agents contained and managed, but fears remain
We've been hearing a lot from Microsoft about how Windows 11 is evolving into an agentic OS of late, and now we have a better idea of exactly where those AI cogs fit into the machinery of the desktop OS.
In a new preview build (26220.7262) for the Dev and Beta channels, Microsoft highlighted an addition to Windows 11 in Settings in the AI Components department, where there's a new slider to turn on 'experimental agentic features'.
What does that mean? Microsoft points to a blog post that offers a lot more info, explaining that: "Windows is introducing a new experimental feature – agent workspace – available in a private developer preview for Windows Insiders in a release coming soon. This early preview reflects our phased approach to delivering agentic capabilities, starting with limited access to gather feedback and strengthen foundational security."
So, it's important to note that this is experimental, and will only be engaged with by a niche set of Windows 11 testers as part of a special developer preview.
However, Microsoft also goes into some illuminating detail as to how AI agents will be implemented in Windows 11, for both businesses and consumers.
Microsoft tells us that "agent workspaces represent a key step in enabling intelligent, agent-powered computing", and this is the environment in which these AI agents will work.
That workspace will be boxed off from the rest of Windows 11 for security reasons, and the user will be able to grant the agent access to specific apps and files – the content the AI needs – so it doesn't have the ability to freely roam through your system and folders.
Any given agent will have its own account in Windows 11, separate to the user's account, and it'll be able to run in parallel to whatever the user is doing, completing tasks autonomously alongside them.
Microsoft notes: "This dedicated agent account establishes clear boundaries between agent activity and your own, enabling scoped authorization and runtime isolation. As a result, you can delegate tasks to agents while retaining full control, visibility into agent actions, and the ability to manage access at any time."
Every agent can be given different permissions and configured separately from other AI instances.
Microsoft is stressing security and file access permissions, then, and also the fact that these agent workspaces are designed to be lightweight, so they won't chomp through system resources. Although depending on what you have the agent doing, there will, of course, be a level of performance impact.
Various AI agents will be in Windows 11 eventually, and Microsoft already has Copilot Actions on the boil, an agent that can take on basic grunt-work in the operating system – such as, say, sorting through a folder library of backed-up photos and removing any duplicate images. Another revelation was Manus AI, an agent that can manage more complicated tasks, like building a website from content that you provide it with.
Analysis: a key moment for Microsoft's big AI vision
Microsoft is laying down the caveats from the get-go with Windows 11's agentic features, which is no surprise really. They are experimental for developers to try out initially, and the blog post notes that AI can make mistakes (and 'hallucinate', essentially meaning go off the rails completely). When such an entity has access to your files, there obviously need to be some comprehensive ground rules (including limiting that access to the minimal required level for whatever task the AI is doing).
Still, the complexity of having these AI agents working within Windows 11 is naturally making people nervous – myself included. I look at how Microsoft approached Recall, another major piece of the puzzle for AI (with Copilot+ PCs), and it doesn't exactly reassure me. It was an extremely messy affair if you recall, from the blundered launch onwards.
On one hand, hopefully this made Microsoft learn some hard lessons – and that knowledge is going to make AI agents better. Fingers firmly crossed.
But on the other hand, the litany of mistakes in Windows 11 just does not inspire much confidence – when even basic things are broken in seemingly random fashion at times with bugs in Microsoft's monthly updates. This is where the company clearly must be very careful, because the first time an AI agent goes awry… well, this is territory Microsoft can't afford to put a foot wrong in. Because if that happens, and trust is lost in AI agents, that could be very difficult for Windows 11 to come back from.
Microsoft is talking a good security game, though, and again mentions defending against new security risks that AI agents could be vulnerable to – such as cross-prompt injection – and other precautions such as having full logs kept on the agent's activity within Windows 11.
However, all this must successfully translate to the reality of a super-secure environment for these agentic applications to be confined to and managed with. Only time will tell on that score, and meanwhile, all this is playing out to a tirade of negative feedback about why Microsoft is pursuing this course with AI, when there are many more fundamental issues with Windows 11 which need attention. And again, that comes back to if there's shakiness around those foundational aspects, it's easy to be fearful that AI agents could misfire somehow.
➡️ Read our full guide to the best computers
1. Best Windows:
Dell Tower Plus
2. Best Mac:
Apple Mac mini M4
3. Best Mac AIO:
Apple iMac 24-inch (M4)
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.