Microsoft faces criticism over AI security risks and user backlash

Microsoft is encountering significant pushback from security experts and users regarding its strategy of integrating advanced artificial intelligence into its Windows operating system. The criticism centers on a new experimental feature called Copilot Actions, which Microsoft itself has warned could expose users to malware and data theft.

The company introduced Copilot Actions as a set of agentic features capable of performing tasks like organizing files and sending emails. However, the announcement was accompanied by a warning that the feature introduces “novel security risks.” According to Microsoft, these risks stem from known flaws in large language models, such as “prompt injection.” This vulnerability allows attackers to embed malicious instructions in websites or documents, which the AI can then execute, potentially leading to data exfiltration or malware installation. Microsoft recommends that only experienced users who understand these implications should enable the feature, which is currently turned off by default in beta versions of Windows.

Security experts have responded with skepticism. Independent researcher Kevin Beaumont compared the situation to Microsoft’s long-standing but often-ignored warnings about macros in Office applications, calling the new AI feature “macros on Marvel superhero crack.” Critics like Reed Mideke argue that since AI developers cannot yet prevent these flaws, Microsoft’s warning serves mainly to shift liability to the user. This is particularly concerning, they note, because even experienced users may find it difficult to detect a sophisticated AI-based attack.

Broader user frustration

The security concerns are part of a wider frustration among Windows users with Microsoft’s focus on AI. In response to the growing cynicism, Microsoft AI CEO Mustafa Suleyman stated it was “mind blowing” that people are unimpressed with the ability to have a fluent conversation with an AI.

Suleyman’s comments came at a time when users have reacted negatively to the company’s plan to evolve Windows into an “agentic OS.” This followed a report from The Verge that found that Copilot’s current abilities often do not match what is shown in advertisements. According to Windows Central, many users feel Microsoft is neglecting fundamental issues with its platform to push AI features that they did not ask for. While the company has acknowledged it has “a lot of work to do,” its leadership’s statements signal a firm commitment to its AI-centric vision for the future of Windows.

Sources: Ars Technica, Windows Central
