I get why some people are suddenly freaking out about AI agents in Windows 11 – I'm worried, too, but let's not panic just yet

1. Computing
2. Software
3. Windows

I get why some people are suddenly freaking out about AI agents in Windows 11 – I'm worried, too, but let's not panic just yet Opinion By Darren Allan published 2 December 2025

Yet more AI controversy is on the boil...

Comments (0) ()

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: fizkes / Shutterstock)

Windows 11 is in the firing line once again, and this time some recent updates to documentation around AI agents have provoked fresh concerns about how these entities will work in the OS – and what threats they might pose.

This latest controversy actually stems from an old support document about 'Experimental Agentic Features' (well, not that old – it was published in October 2025), which Microsoft updated a couple of weeks ago.

As Windows Latest highlighted (via PC Gamer), the documentation was refreshed when Microsoft rolled out the switch to turn on experimental agentic features in Windows 11 test builds (which happened in preview version 26220.7262 in the Dev and Beta channels). This was when the deployment of the first agent, Copilot Actions, was kicked off in testing (this can work with files on your PC to, say, organize a collection of photos and delete duplicates, for example).

You may like

• Windows 11 users rebel as top Microsoft exec says operating system is 'evolving into an agentic OS'
• Microsoft exec says cynics about AI in Windows 11 are 'mind-blowing to me'
• Microsoft reveals plan to 'make every Windows 11 PC an AI PC' with new voice input, Copilot Vision and supercharged AI powers

The reality of Copilot Actions officially going live seems to have got people looking more closely at the fine print, some parts of which are vaguely ominous, while others are more alarming.

Notably highlighted in the media coverage are warnings that AI models "occasionally may hallucinate and produce unexpected outputs", meaning they can get things wrong, or indeed talk absolute garbage. We knew that already, though; it's just the nature of AI – specifically an LLM (large language model) – as a clearly fallible entity.

Also flagged is the warning about AI agents potentially introducing "novel security risks, such as cross-prompt injection", and this is where it gets a lot more worrying.

Of course, Microsoft has been banging on about these possible new attack vectors that might be leveraged via such AI systems since last year. Which is to say that the systems it has been creating for Windows 11 have very much been built with these threats in mind – so hopefully its defenses are going to be tight enough to deflect any such attempted intrusions.

Get daily insight, inspiration and deals in your inbox

Sign up for breaking news, reviews, opinion, top tech deals, and more.

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

As Windows Latest points out, the way AI agents are boxed away in Windows 11 seems pretty watertight. They live in an 'agent workspace' effectively as a separate local user, with a distinct account completely walled off from the user's account, and limited file access based on permissions granted (aside from a handful of default folders).

This should keep these agents contained, and even if compromised, they should theoretically only have limited means of exploiting the system. Of course, the proof will be in the pudding of this system being used in the real world, and the trouble is if we look at the collapsed cake that was Recall – or at least this AI feature's initial design – that doesn't give us much confidence.

Of course, Microsoft has learnt from that episode, right? Well, I certainly hope so, and the security planning behind agent workspaces does seem to be suitably thorough, expansive and much more convincing overall.

You may like

• Windows 11 users rebel as top Microsoft exec says operating system is 'evolving into an agentic OS'
• Microsoft exec says cynics about AI in Windows 11 are 'mind-blowing to me'
• Microsoft reveals plan to 'make every Windows 11 PC an AI PC' with new voice input, Copilot Vision and supercharged AI powers

Read it and weep?

(Image credit: Microsoft)

However, as PC Gamer notes, the biggest issue is that when talking about those novel security risks (cross-prompt injections) and potential nastiness that could be leveraged therein, like data exfiltration – stealing your files – Microsoft has added a new caution in its recent revision of this document. Namely that: "We recommend you read through this information and understand the security implications of enabling an agent on your computer."

That's the most sinister sentence in this document when it comes to the content relating to security. What is this saying? That this is some sort of get-out clause for Microsoft, and you've got to weigh up the risks on your own by poring through documents?

Now, you may think that's reading too much into this, and that's fair enough, but it has certainly sent alarm bells ringing in the articles – and online comments – that are now popping up around this.

It certainly doesn't feel very comforting to read that, but then again, this is early testing for AI agents. Copilot Actions is in a purely experimental phase right now, in fact, so another way of looking at this would be: what do you expect? Sign up now and there probably are some very real risks involved. Just imagine you were using an 'experimental' operating system, and it went down in flames, taking your files with it in the ensuing fireball – you'd only have yourself to blame, wouldn't you?

So, the message is to proceed at your own risk, which at this experimental stage is fair enough really. However, my actual worry here is when these AI agents come to a full implementation in the finished version of Windows 11, can we trust that Microsoft will have realized that in a watertight way?

What if there's a hole in this system somewhere? Given that Microsoft is seemingly breaking even basic things in Windows 11 with some regularity, I can see why folks might be concerned here. I'm nervous, after all, and if something does go wrong, it could be disastrous for the involved users who are running AI agents – and for Microsoft's reputation, too.

The software giant can't afford an episode where AI goes rogue in some wild way, as it will be difficult to recover the trust in Windows 11's agents if an unfortunate episode occurs along these lines.

The best computers for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best computers1. Best Windows: Dell Tower Plus2. Best Mac: Apple Mac mini M43. Best Mac AIO:Apple iMac 24-inch (M4)

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS Windows 11 AI Darren Allan

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Windows 11 users rebel as top Microsoft exec says operating system is 'evolving into an agentic OS'    Microsoft exec says cynics about AI in Windows 11 are 'mind-blowing to me'    Microsoft reveals plan to 'make every Windows 11 PC an AI PC' with new voice input, Copilot Vision and supercharged AI powers    “Everybody's under pressure to do more with less” - Why Okta says you need an AI agent governance strategy, and sooner rather than later    Top Windows 11 exec tries to put out flames around agentic AI controversy    "No one wants this" - Microsoft exec hit with barrage of abuse after celebrating Windows evolution to become an "agentic OS"    Latest in Windows Ex-engineer argues Microsoft must fix Windows 11 'until it doesn't suck'    Windows 11 bug causes password sign-in icon to turn invisible somehow    Windows 11 File Explorer fudge works, I just wish it was fixed properly    Windows 10 adoption is stalling, so Microsoft must fix a major issue    Dell paints bleak picture of Windows 11's lack of popularity at End of Life    Windows 11's Notepad gets support for tables and bolstered AI powers    Latest in Opinion Microsoft's warning on 'security implications' of AI agents is causing panic    Sam Altman calls a ‘code red’ for ChatGPT – here’s what it means    Why supply chains are the weakest link in today’s cyber defenses    The new paradigm: a concentration of data in AI demands greater vigilance    Why the most impactful AI strategies still start and end with people    Rebuilding trust in cyber insurance: closing the gap between assumption and evidence    LATEST ARTICLES

1. 1Instagram CEO issues full-time return to office order
2. 2Free open-world RPG Where Winds Meet finally hits mobile next week after a successful PC and PS5 launch
3. 3Metroid Prime 4: Beyond was worth the wait – even if it occasionally gets lost in the desert
4. 4Backbone is launching a limited-edition Backbone Pro controller with a new transparent design just in time for the holidays
5. 5NYT Strands hints and answers for Wednesday, December 3 (game #640)