Windows 11 screen asking for permission to use an AI agent. Photo: Windows Latest.
Over the past few weeks, Microsoft has been working to integrate AI agents into Windows. But even the company's own documentation admits that the technology can "hallucinate," behave unpredictably, and be fooled by attacks that did not exist a year ago.
In mid-October, Microsoft announced that it was "turning every Windows 11 PC into an AI PC." The company launched a series of new AI integrations intended to enable "conversations," allowing the computer to see what is on screen and act on the user's behalf.
Integrate at your own risk
The latest moves are aimed at turning the Windows 11 taskbar into an AI hub. The Windows 11 search box is being replaced with an “Ask Copilot” interface, which lets you call Copilot with a single click or command. From there, you can monitor agents that can run tasks in the background, just like you would manage regular apps.
Microsoft also does not pretend that the technology is safe or infallible. Its official documentation warns that AI agents "have functional limitations in how they behave and can sometimes hallucinate, creating unintended outcomes."
Taskbar after integrating the AI agent.
One of the biggest risks mentioned is cross-prompt injection (XPIA). In this attack, an AI agent is tricked by malicious content embedded in user interface (UI) components, documents, or applications. That content can override the agent's original instructions and steer it into harmful actions such as copying sensitive files or leaking data.
Security researchers have warned that GUI-based AI agents are particularly exposed to these indirect attacks because they often run with high privileges. While Microsoft has been transparent about the risks, Copilot has recently come under fire over privacy concerns and is unlikely to be adopted immediately.
Microsoft says the agents run under separate accounts with limited permissions and tamper-resistant logs. However, they still have read and write access to some of the most private locations on your PC, such as Documents, Downloads, Desktop, Videos, Pictures, and Music.
Ambition to replace all tasks with AI
Agent Workspace is the backbone of Microsoft's vision of an "agentic OS." Windows 11 can now create separate sessions for an agent, promising to perform functions such as editing files and moving documents without the user's involvement.
Each agent gets its own standard account on the PC, which works like a parallel Windows environment and does not directly affect the main working session. Inside it, the agent interacts with applications the same way a human would: clicking interface buttons, entering text, scrolling windows, dragging and dropping files, and performing multi-step tasks.
How to enable AI-related features on Windows 11.
The Agent Workspace decides what is displayed to agents, and Microsoft also uses Access Control Lists (ACLs) to stop agent accounts from overstepping their authority. To enable any of these features, users must turn on Experimental Agentic Features, which are disabled by default.
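The article states that agent accounts are constrained by ACLs yet still hold read and write access to the user's Documents, Downloads, Desktop, Videos, Pictures, and Music folders. A practitioner who wants to verify what an agent account can actually touch would audit those folders' ACLs directly. The script below is an added example, not Microsoft's code or anything from the Windows Latest article; the folder list comes from the article, while `$ProfilePath` and `$AccountToCheck` are hypothetical parameters the reader supplies (the agent account name is not given on the page).

```powershell
# Added example (not Microsoft's code): list every identity that is granted
# write-capable rights on the profile folders named in the article.
# $AccountToCheck is a hypothetical account name; leave it empty to see all
# identities, or set it to the local account an agent runs under.
param(
    [string]$ProfilePath    = $env:USERPROFILE,
    [string]$AccountToCheck = ''
)

# Folders the article says agents can read and write.
$folders = 'Documents', 'Downloads', 'Desktop', 'Videos', 'Pictures', 'Music'

# Any of these rights lets the holder change file contents.
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

foreach ($name in $folders) {
    $path = Join-Path $ProfilePath $name
    if (-not (Test-Path -Path $path)) { continue }

    $acl = Get-Acl -Path $path
    foreach ($ace in $acl.Access) {
        # Only Allow entries grant access; Deny entries are not reported here.
        if ($ace.AccessControlType -ne 'Allow') { continue }

        $canWrite = (($ace.FileSystemRights -band $writeMask) -ne 0)
        $matches  = ($AccountToCheck -eq '') -or
                    ($ace.IdentityReference.Value -like "*\$AccountToCheck")

        if ($canWrite -and $matches) {
            [pscustomobject]@{
                Folder    = $path
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}
```

Run it from a normal PowerShell prompt as the user whose profile is being checked; to confirm that a specific agent account has been fenced off, pass its name via `-AccountToCheck` and expect no rows for folders that should be out of bounds. Inherited entries usually come from the profile root, so a folder that is supposed to be excluded will need an explicit ACL change rather than a tweak at the top level.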
For Microsoft, integrating AI into PCs is a step that cannot be reversed amid fierce competition. Apple is also pushing ahead with Apple Intelligence, and it plans to use a customized version of Gemini. Google is likewise planning to enter the PC market with Aluminum OS.
While Apple's upcoming low-cost MacBook, with a full version of Apple Intelligence, has been widely discussed, Windows 11 has been criticized for feeling clunky and processing tasks more slowly. Microsoft's previous AI feature, Recall, drew backlash for its poor security.
"Agentic" operating systems are probably inevitable for every vendor. However, according to Windows Latest, what matters is the implementation, and Microsoft will need to regain users' trust in its AI technology.
Source: https://znews.vn/microsoft-bat-chap-rui-ro-post1607379.html