Microsoft Warns of Security Risks in New Agentic AI Feature for Windows 11
Summary
Microsoft is introducing an experimental agentic AI feature in the latest developer preview version of Windows 11, called 'agent workspace'. This feature allows users to automate tasks by granting AI agents access to their applications and data. While the feature is designed with security controls, Microsoft warns that improper use could introduce significant security risks, including cross-prompt injection (XPIA) and malicious actions triggered by crafted prompts. The feature is off by default and should only be enabled by users who understand the security implications.
Timeline
- 24.11.2025 15:32 · 1 article · 23h ago
Microsoft Introduces Agentic AI Feature in Windows 11 with Security Warnings
Microsoft has introduced an experimental agentic AI feature in the latest developer preview version of Windows 11, called 'agent workspace'. This feature allows users to automate tasks by granting AI agents access to their applications and data. While designed with security controls, Microsoft warns of significant risks, including cross-prompt injection (XPIA) and malicious actions triggered by crafted prompts. The feature is off by default and should only be enabled by users who understand the security implications.
Sources:
- Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
Information Snippets
- The 'agent workspace' runs in a separate Windows session, isolated from the user's session, and is only enabled when the user toggles on the experimental feature.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
- Agents operate using their own accounts with restricted access to folders unless the user grants additional permissions.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
- Enabling the feature creates agent accounts and allows agentic applications like Copilot to request access to users' folders.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
- Microsoft warns of risks such as hallucinations and malicious actions triggered by crafted prompts, including data exfiltration and malware installation.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
- Agents should operate under the principle of least privilege and should not have higher permissions than the initiating user.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32
- Microsoft has implemented guardrails to ensure security and privacy, and will gradually roll out agentic capabilities across Windows 11.
  First reported: 24.11.2025 15:32 · 1 source, 1 article
  - Microsoft Highlights Security Risks Introduced by New Agentic AI Feature — www.securityweek.com — 24.11.2025 15:32