Microsoft warns that Windows 11's agentic AI could install malware on your PC (www.windowscentral.com)

Microsoft has warned that forthcoming "agentic" AI features in Windows 11—which create autonomous AI agents that run in a dedicated agent workspace—could potentially install malware or exfiltrate data if misused. The feature is off by default and must be enabled by an administrator (and then applies to all users). When enabled, Windows will create local user accounts for agents and grant them read/write access to known folders in your profile (Documents, Downloads, Desktop, Pictures, Videos, Music) while operating in the agent workspace. Microsoft explicitly calls out novel threats like cross‑prompt injection (XPIA), where malicious content in UIs or documents can override agent instructions and trigger unintended actions. Preview builds with the capability are rolling out to Windows Insiders now; Copilot is confirmed to be among the first apps that will use agentic workspaces. For the AI/ML community this marks a major expansion of agentic deployment into a mainstream OS and introduces a new attack surface and research opportunities. Key implications include the need for robust sandboxing, permission models, tamper‑evident auditing, transparent logging, and human‑in‑the‑loop approval mechanisms—the design principles Microsoft highlights. Researchers and engineers should prioritize defenses against prompt injection, formal verification of agent actions, secure UX for consent, and standardized auditability as agentic systems move from labs into everyday endpoints.