A few days ago, a high-ranking Microsoft executive characteristically gushed about how Windows is becoming an agentic OS with a focus on AI features, a sentiment that was met with intense scrutiny on social media. Today, we have our first look at what that eventuality could look like, with AI agents working by your side in the background in Windows 11 Insider Build 26220.7262, as detailed by the Windows Insider Blog.
This latest update adds a new "Experimental agentic features" toggle in settings, which creates a separate desktop environment called the "Agent Workspace." Think of it like Windows Sandbox; still isolated from the rest of the system, but Microsoft says it's supposed to be more efficient than virtualization. Unfortunately, Agent Workspaces are not functional right now beyond a simple toggle.
(Image credit: Windows Latest)
The idea behind this concept stems from agents in ChatGPT or Copilot Actions. They're little digital assistants carrying out mundane tasks on your behalf, such as scrolling through documents, pointing and clicking at various things, and maybe even booking a flight for you. Previously, features like these operated in the cloud in a virtualized window, but now Microsoft wants them to run locally on your computer.
Each time an AI workspace is created, a different AI agent is in charge of that, with its own customized access to "known folders" like Downloads and Desktop. Because the Agent Workspace is its own separate entity, everything is logged with a clearly traceable path of everything the agent saw or performed. You can set up rules for all the agents and allow access to connect to apps (like Copilot) which have agentic feature support.
What are Known Folders? "Known folders" are six of the most common, standard directories inside Windows that can be automatically backed up and synced to a cloud service like Microsoft's OneDrive. These include Documents, Downloads, Desktop, Videos, Pictures, and Music.
It all sounds like a privacy nightmare, but Microsoft says "security in this context is not a one-time feature — it’s a continuous commitment." AI agents are turned off by default, so creating Agent Workspaces is a deliberate choice that even Microsoft acknowledges has some tradeoffs, advising users to only opt in if they're comfortable with letting agents poke around within the PC's data.
"We recommend that you only enable this feature if you understand the security implications outlined on this page. This setting can only be enabled by an administrator user of the device and once enabled, it’s enabled for all users on the device including other administrators and standard users."
Once the setting is enabled, AI agents can gain read/write access to certain aforementioned folders if you grant them the necessary permissions. Therefore, these agents can access files in those places, which is needed in order for them to work for you. Microsoft claims that this is safe because each Agent Workspace has its own isolated runtime and "scoped authorization". But, in practice, it remains to be seen whether these claims hold water.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors
... continue reading