Overview
- Windows Insiders now see an Experimental agentic features toggle that enables Agent Workspace, running AI agents in a separate Windows session with least‑privilege access, consent prompts, and audit logs.
- Microsoft warns the features are off by default and admin‑enabled only, noting novel risks such as prompt/XPIA injection and the potential for agents to install malware if misled.
- When permitted, agents gain scoped read/write access to Windows ‘known folders’ like Documents, Desktop, Downloads, Pictures, Videos, and Music to carry out local multi‑step tasks.
- New UI previews integrate agents into the taskbar and Ask Copilot box with @‑invocation, live status badges, and a floating interaction window; some capabilities require Copilot+ PCs.
- Agent 365 enters early access as an enterprise registry and control plane to discover, approve, monitor, and block AI agents—including third‑party bots—with availability via Microsoft’s Frontier program and requiring at least one Microsoft 365 Copilot license.