Hello Windows Insiders, we are excited to begin rolling out a new update for the Microsoft Copilot app on Windows that introduces the following changes and improvements: Copilot Actions: Windows Insiders can now use Copilot Actions to perform tasks directly on local files in Windows in an Agent Workspace, a contained, policy-controlled, and auditable environment. As a general-purpose agent, simply describe the task you want to complete in your own words, and the agent will attempt to complete it by interacting with desktop and web applications in a contained environment separate from the interactive user session – like a separate desktop instance just for Copilot. Whether you need a hand sorting through your recent vacation photos, organizing your Downloads folder, converting your files, or need to extract info from a PDF, Copilot Actions can do the heavy lifting for you based on the context of what’s on your PC. At this time, Copilot Actions is an experimental Copilot Labs feature which may make mistakes or encounter challenges with complex interfaces, please monitor their work closely. We welcome your feedback as we seek to improve the experience. At any time, you can take over the task or check in on the progress of the action, including reviewing what actions have been taken. We’ll be starting with a narrow set of use cases while we optimize model performance and learn. You can find more information about our security and privacy controls here, and FAQs here. To get started, select “Take Action” from the drop down in the composer. Optionally, provide Copilot Actions with files or folders by selecting “Attach file” or “Attach folder” from the + button. Copilot will then take a few moments to create a Desktop, before starting to work on your task. [caption id="attachment_178407" align="alignnone" width="800"] UI showing how Copilot Actions performs tasks directly on local files in Windows in an Agent Workspace.[/caption] This Copilot app update (version 1.25112.74 and higher) is beginning to roll out across all Insider Channels via the Microsoft Store.  The above-mentioned feature is gradually rolling out to Insiders worldwide, excluding EEA, so not all Insiders will get the update right away. We are excited to be previewing improvements with our Insiders to ensure all our customers have a great Copilot experience on Windows. FEEDBACK: Please provide feedback directly within the Copilot app by clicking on your profile icon and choosing “Give feedback”. Thanks, Microsoft Copilot and Windows Team

Microsoft is moving forward with its plans to turn Windows 11 into a full-fledged “AI” operating system amidst Copilot backlash.

The first big move in that direction is an experimental feature called “Agent Workspace,” which gives AI agents access to the most-used folders in your directory, such as Desktop, Music, Pictures, and Videos. It will also allow AI agents to have their own runtime, desktop, user account, and ability to always run in the background if you turn on the feature.

New agentic features in Windows 11

As soon as I installed Windows 11 Build 26220.7262, Windows Latest noticed a new toggle “Experimental agentic features” inside the “AI Components” page in the Settings app > System.

This turns on “Agent Workspace,” but it doesn’t work right now, and if you’re wondering, it’s only available to Windows Insiders in the Dev or Beta Channel.

What are AI Agents and how do they work?

Before I explain what an Agent Workplace is, you need to understand AI Agents. If you’ve ever used ChatGPT, you might have come across ‘Agents.’ AI Agents have their own interface, and they navigate just like a human.

For example, if you ask ChatGPT’s Agent to book a travel, it’ll open Chromium on Linux in an Azure container, search the query, visit different websites, navigate each page and book a flight ticket using your saved credentials. An AI Agent tries to mimic a human, and it can perform tasks on your behalf while you sit back and relax.

That’s the core idea Silicon Valley is trying to sell.

Up until now, these Agents have been limited to cloud containers with Chromium and Linux terminal access, but as Microsoft wants Windows 11 to become an “AI-native” OS, it’s adding Agent Workspace.

Agent workspace is a separate, contained Windows session made just for AI agents, where they get their own account, desktop, and permissions so they can click, type, open apps, and work on your files in the background while you keep using your normal desktop.

Instead of letting an agent act directly as you, Windows spins up this extra workspace, gives it limited access (like specific folders such as Documents or Desktop), and keeps its actions isolated and auditable.

Each agent can have its own workspace and access rules, so what one agent can see or do doesn’t automatically apply to others, and you stay in control of what they’re allowed to touch.

I find the idea of Agent Workspace a bit similar to Windows Sandbox, but it’s not designed with security or privacy in mind, and it could be one of the ways to have fun with AI on Windows 11.

When you toggle on the feature, Windows warns that it could hurt performance and affect your security or privacy controls, but it’ll give you access to new “agentic” experiences in the OS.

Windows 11 lets AI agents into your Documents and Desktop folders

When you turn on the feature, you’re giving agents access to apps and even local folders, such as Desktop, Music, Pictures, and Videos.

Agent Workspace requires access to apps or private folders to perform actions on your behalf. Microsoft insists that it’s taking care of security implications by giving Agent Workspace its own authorisation (a separate account, similar to your user account), runtime isolation. Each agent will have its own defined set of dos and don’ts.

The idea is to give Agents their own backyard on your PC, and let them run in the background all the time. You’ll be able to monitor the logs and keep an eye on agent activity.

While each agent gets its own account, independent of your personal account, an agent would still need access to your personal folders, such as Documents and Desktop. You’ll be asked to grant permissions to the following:

• apps in Windows
• personal folders, mostly downloads, documents, and desktop, etc.

AI Agents may have performance issues

In our tests, Windows Latest observed that the experimental toggle warns of potential performance issues, and it makes sense.

AI agents are going to run in the background all the time and use RAM or CPU, depending agent’s activity. However, Microsoft’s early benchmarks suggest they won’t really drain PCs of their power. Microsoft says AI Agents will use a limited amount of RAM and CPU, but it won’t tell us how limited the ‘limit’ is.

By default, these agents are lightweight, but the catch is that some Agents could be resource-intensive.

Microsoft insists it deeply cares about power users

Ironically, this new agentic experience has been announced after Microsoft’s Windows boss promised to improve Windows for everyone, including developers, whom it deeply cares about.

While the Experimental Agents Feature is optional, it makes it quite obvious Microsoft will not stop investing in AI for Windows 11, and Agentic OS is the future, whether you like it or not.

The post Windows 11 to add an AI agent that runs in background with access to personal folders, warns of security risk appeared first on Windows Latest

The Workspace tool that helps you easily create videos is giving more users access to its AI features.

Microsoft added GPT-5.1 as an experimental model in Copilot Studio for early release Power Platform environments, enabling customers to test new capabilities ahead of general availability.

AI-Powered Threats Demand AI-Powered Defense 
 

While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can now combine reinforcement learning (RL) with LLM capabilities in code generation, tool use, and multi-step reasoning to create agents that act as autonomous, adaptive cyber weapons. These agents can mutate attacks and bypass defenses in real time—outpacing human response teams.   

Traditional security tools, built on static rules and signatures, are quickly becoming obsolete. To stay protected, enterprises need to adopt AI-powered cybersecurity systems that learn, anticipate, and respond as intelligently as attackers. This is where Adversarial Learning, a critical new frontier in security, comes in. By continuously training attack and defense models together, we can build an autonomic defense system against weaponized AI. However, achieving real-time security requires scaling transformer-based architectures and optimizing them for ultra-low-latency inference at massive scale.  

This post highlights how Microsoft and NVIDIA are transforming adversarial learning research into real-time, production-grade cyber defense—leveraging GPU-accelerated computing to deliver scalable, adaptive protection.  

Strategic Collaboration: Building Real-Time Threat Detection   

Once trained, deploying transformer models for live traffic analysis demands an inference engine that can match the volume and velocity of production workloads—without compromising detection accuracy. Through joint engineering efforts, Microsoft and NVIDIA achieved breakthrough performance by transitioning from CPU to GPU compute:   

Metric	CPU Baseline	GPU Baseline   Triton on NVIDIA H100	GPU Optimized    Triton on NVIDIA H100   with further optimizations
End-to-End Latency	1239.67 ms	17.8 ms	7.67 ms
Throughput	0.81 req/s	57 req/s	> 130 req/s
Detection Accuracy	–	–	>95% on adversarial benchmarks

This end-to-end latency, which includes network latency, demonstrates the viability of deploying adversarial learning at an enterprise scale.  

Microsoft’s Contributions: Adversarial Learning, Model Training & Optimization  

To achieve high detection accuracy on adversarial traffic, Microsoft researchers trained and optimized transformer-based classifiers to detect malicious payloads.  

Key innovations included:  

• Adversarial learning pipeline  

• Model distillation and architecture  

• Security-specific input segmentation that enabled NVIDIA to develop parallel tokenization  

These enhancements laid the foundation for high-precision detection and enabling AI models which can generalize across diverse attack variants.  

NVIDIA Contributions: Accelerating Inference at Scale  

Beyond baseline GPU acceleration, two NVIDIA innovations were critical to achieving real-time latency targets:   

1. Optimized GPU Classifier (NVIDIA Triton + TensorRT):  

NVIDIA engineered a custom TensorRT implementation of Microsoft’s classifier, fusing key operations into a single CUDA kernel to minimize memory traffic and launch overhead.  In particular, normalization operations were automatically fused into kernels of preceding operations by TensorRT, while custom CUDA kernels were developed to optimize both sliding window attention and dense layer activation functions. All custom kernels were then compiled together into a TensorRT engine and served via the Triton-TensorRT C++ backend to minimize host overhead.    

Overall, the NVIDIA solution led to significant performance boosts compared to standard GPU solutions, reducing forward-pass latency from 9.45 ms to 3.39 ms. This represented a 2.8× speedup and contributed 6.06 ms of the total 10.13 ms end-to-end latency reduction reported in the performance breakdown above.   

  

2. Domain-Specific Tokenization  

After optimizing the threat-detection classifier, the data pre-processing pipeline emerged as the next major performance bottleneck. Traditional tokenization techniques often fall short when it comes to leveraging parallelism within a sequence. While whitespace-based segmentation may suffice for conventional content like articles or documentation, it proves inadequate for densely packed request strings. These strings, common in security-sensitive environments, resist balanced segmentation, leading to inefficiencies in downstream processing.   
   
To address the challenges of processing dense machine-generated payloads, NVIDIA engineered a domain-specific tokenizer optimized for low-latency environments. By integrating segmentation points developed by Microsoft, tailored to the structural nuances of machine data, the tokenizer unlocked finer-grained parallelism, delivering a 3.5× reduction in tokenization latency. These cumulative engineering breakthroughs will enable Microsoft to deploy a high-performance threat-detection classifier capable of efficiently handling a wide range of sequence lengths in real-time.  

Inference Stack:   

• Serving: NVIDIA Triton Inference Server  

• Model: NVIDIA TensorRT implementation of Microsoft’s threat classifier   

• Tokenizer: Custom tokenizer optimized for security data  

  

Custom CUDA Kernels:   

• Embedding + LayerNorm  

• Residual Add + LayerNorm  

• GeGLU activation  

• Bidirectional sliding window flash attention  

  

Real-World Impact   

Speed: Real-time classification enables truly inline adversarial detection for production traffic, without introducing queueing delays.  

Scale: Sustained GPU throughput (> 130 req/s on H100); supports high-traffic endpoints and bursty workloads.   

Accuracy: >95% detection accuracy on representative adversarial inputs provides robust coverage against rapidly evolving attack variants.   

What’s Next   

The roadmap and deep engineering collaboration continues to push the boundaries of real-time threat-detection. Future efforts will explore advanced model architectures for adversarial robustness and advanced acceleration techniques such as quantization. The next phase will significantly broaden the impact of adversarial learning in practical cybersecurity applications. By training models on malicious patterns, we’re equipping them to manage higher traffic volumes and increasingly intricate payloads—while maintaining strict latency constraints. These innovations collectively lay the foundation for faster, more robust defenses that can keep pace with the escalating scale and complexity of today’s AI-driven cyber threats.  

To learn more about this research, join us at the Security Preday event on Monday, November 17 starting at 1 pm Pacific or at the NVIDIA booth on Thursday, November 20 at 10:35 am Pacific.  Please visit the Ignite event Website https://ignite.microsoft.com/en-US/home for details on how to register. 
 

Special thanks to key contributors to this research: Sami Ait Ouahmane (Microsoft), Rachel Allen (NVIDIA), Mohit Ayani (NVIDIA), Francis Beckert (Microsoft), Nora Hajjar (Microsoft), Rakib Hasan (NVIDIA), Yingqi Liu (Microsoft), Navid Nobakht (Microsoft), Rohan Varma (NVIDIA), and Bryan Xia (Microsoft)  

The post Collaborative research by Microsoft and NVIDIA on real-time immunity appeared first on Microsoft Security Blog.

Fresh off the biggest OneDrive moment of the year, Stephen and Arvind return with a full recap of the Copilot + OneDrive event—breaking down the announcements, the behind-the-scenes surprises, and the features that are already reshaping how we work.

From personalized intelligence with the FAB button to the future of search, photos, and Researcher, the team walks through the four major themes of the show and shares what it was like to step on camera as part of the launch. They even react to the unexpected blooper reel that made its way into the final cut!

This episode also features a special guest: Belle Podeanu, product manager behind the brand-new Transfer Ownership experience. Belle walks through how the team redesigned this critical workflow end-to-end—from modernized emails to shared-file filtering to smarter move-and-keep-sharing options—all built to reduce data loss and simplify transitions when employees leave.

Download audio: https://traffic.libsyn.com/clean/secure/syncup/Sync_Up_Episode_v3_111425.mp3?dest-id=1486229