New Windows 11 AI agents can work in the background but create new security risks (arstechnica.com)

Microsoft has begun rolling agentic AI deeper into Windows 11: a new Insider build adds an “experimental agentic features” toggle in Settings to enable Copilot Actions, and Microsoft published documentation explaining how these background-capable agents will operate. These agentic assistants are designed to perform multi-step tasks—organizing files, scheduling meetings, sending emails—autonomously so users can focus elsewhere, effectively turning Copilot into an “active digital collaborator.” That shift is significant because embedding autonomous agents at the OS level increases both productivity potential and attack surface. Microsoft acknowledges “novel security risks” — agents can hallucinate or be tricked into executing harmful instructions — and is attempting mitigation through architectural constraints: agents run under separate user accounts with isolated desktops, require explicit user approval for data access, must make their actions observable/distinguishable from user actions, and produce activity logs and supervised action lists for multi-step tasks. The trade-off is clear: agents need enough privileges to be useful but must be tightly sandboxed and auditable to limit abuse. For the AI/ML community this raises follow-on engineering and research priorities around safe autonomous behavior, robust permission models, auditability, and human-in-the-loop verification.