Microsoft announced a fundamental restructuring of its Windows operating system to natively support autonomous AI agents. According to the company, this will transform Windows into what executives call an “agentic OS,” designed to allow software programs to perform complex, multi-step tasks on behalf of users. The changes were presented at Microsoft’s Ignite conference.
The new system is built on a native infrastructure integrated directly into Windows 11. This allows AI agents to operate in secure and policy-controlled environments, separate from a user’s primary session. Pavan Davuluri, President of Windows & Devices at Microsoft, stated that the goal is for users to “simply express your desired outcome, and agents handle the complexity.”
New infrastructure for AI agents
The new architecture includes several core components:
- Agent Workspace: This feature creates an isolated and auditable environment for agents to run. Microsoft describes it as a parallel desktop session with a distinct agent identity, minimal permissions by default, and separation from the user’s data and activities.
- Agent Connectors: Based on the open standard Model Context Protocol (MCP), these connectors allow agents to discover and interact with applications and system tools. Microsoft will provide built-in connectors for File Explorer and System Settings, enabling agents to manage files or change settings with user permission.
- User Interface: Users will be able to launch agents from the taskbar using “@” mentions in a new “Ask Copilot” interface. The taskbar will also display the progress of agent tasks through badges and notifications.
Microsoft states that its security model is “secure by default” and requires explicit user consent before an agent can access resources like files for the first time. The company positions its adoption of the open MCP standard as a strategic choice against the proprietary systems of competitors like Apple and Google.
However, the announcement has also raised security concerns and user skepticism. Reports indicate that when the “Agent Workspace” is enabled, it grants agents read and write access to users’ personal folders, such as Documents, Desktop, and Downloads, by default. While this access is necessary for agents to perform tasks, it highlights potential security risks. Furthermore, some users have responded negatively to the announcement, arguing that Microsoft should prioritize the operating system’s core reliability and performance over integrating more AI features.
Sources: VentureBeat, ZDNet, Windows Latest
