Microsoft is warning that new agentic capabilities coming to Windows 11 introduce novel security considerations. The features create dedicated “agent workspaces” and separate local agent accounts so AI agents can access apps and known folders and perform tasks on a user’s behalf; Microsoft says this functionality is off by default and can be enabled only by an administrator.
One highlighted risk is cross-prompt injection (XPIA), where malicious content embedded in UI elements or documents could override an agent’s instructions and trigger unintended actions. To address this, Microsoft is proposing design principles for agent security: agents should be observable, produce tamper-evident audit logs, operate with least privilege, and require explicit user approval for sensitive actions.
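As an added example of how those principles could be applied in an agent's action gateway (not Microsoft's code and not tied to any Windows API): a folder allow-list for least privilege, an approval callback for sensitive actions, and a hash-chained audit log whose entries cannot be altered without detection. The action names and folder paths are constructed.

```python
import hashlib
import json
from pathlib import PureWindowsPath

# Constructed policy: which actions need explicit user approval and which
# folders the agent account may touch at all (least privilege).
SENSITIVE_ACTIONS = {"delete", "send_email"}
ALLOWED_ROOTS = [PureWindowsPath("C:/Users/alice/Documents")]

class AuditLog:
    """Tamper-evident log: each entry hashes the previous hash plus its record,
    so editing or dropping any entry breaks the chain on verification."""
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []
        self._prev = self.GENESIS

    def append(self, record):
        body = json.dumps(record, sort_keys=True)
        digest = hashlib.sha256((self._prev + body).encode()).hexdigest()
        self.entries.append({"record": record, "prev": self._prev, "hash": digest})
        self._prev = digest

    def verify(self):
        prev = self.GENESIS
        for entry in self.entries:
            body = json.dumps(entry["record"], sort_keys=True)
            expected = hashlib.sha256((prev + body).encode()).hexdigest()
            if entry["prev"] != prev or entry["hash"] != expected:
                return False
            prev = entry["hash"]
        return True

def dispatch(action, path, approve, log):
    """Gate one agent action. `approve(action, path)` is the user-prompt callback
    (assumed); every decision, allowed or denied, is written to the audit log."""
    p = PureWindowsPath(path)
    # Reject '..' components: PureWindowsPath does not normalise them, so a path
    # that lexically starts inside an allowed root could still escape it.
    in_scope = ".." not in p.parts and any(
        root == p or root in p.parents for root in ALLOWED_ROOTS)
    if not in_scope:
        verdict = "denied:out_of_scope"
    elif action in SENSITIVE_ACTIONS and not approve(action, path):
        verdict = "denied:no_approval"
    else:
        verdict = "allowed"
    log.append({"action": action, "path": str(p), "verdict": verdict})
    return verdict
```

The chain only proves integrity relative to its head, so in practice the latest hash must be anchored somewhere the agent account cannot write (a signed checkpoint or a forwarded copy), otherwise a compromised agent could simply rewrite the whole chain.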