Nex Computer, a company that makes hardware designed to turn your phone into a laptop, is working on something new: the NexPhone. It's a midrange phone that's designed to double as your computer and comes with Android and Linux installed, both of which will offer desktop experiences when plugged into a monitor.

But the NexPhone's best trick is that it can dual-boot into Windows 11, essentially becoming a full Windows PC when hooked up to a display - and also offers a mobile UI that pays tribute to Windows Phone when it's unplugged. It's a delightfully geeky attempt to answer the age-old question: Why can't your smartphone just be your whol …

Read the full story at The Verge.

The rise of AI Agents marks one of the most exciting shifts in technology today. Unlike traditional applications or cloud resources, these agents are not passive components- they reason, make decisions, invoke tools, and interact with other agents and systems on behalf of users. This autonomy brings powerful opportunities, but it also introduces a new set of risks, especially given how easily AI agents can be created, even by teams who may not fully understand the security implications. 

This fundamentally changes the security equation, making securing AI agent a uniquely complex challenge – and this is where AI agents posture becomes critical. The goal is not to slow innovation or restrict adoption, but to enable the business to build and deploy AI agents securely by design.  

A strong AI agents posture starts with comprehensive visibility across all AI assets and goes further by providing contextual insights – understanding what each agent can do and what it connected to, the risks it introduces, how it can be harden, and how to prioritize and mitigate issues before they turn into incidents. 

In this blog, we’ll explore the unique security challenges introduced by AI agents and how Microsoft Defender helps organizations reduce risk and attack surface through AI security posture management across multi-cloud environments. 

Understanding the unique challenges  

The attack surface of an AI agent is inherently broad. By design, agents are composed of multiple interconnected layers – models, platforms, tools, knowledge sources, guardrails, identities, and more. 

Across this layered architecture, threats can emerge at multiple points, including prompt-based attacks, poisoning of grounding data, abuse of agent tools, manipulation of coordinating agents, etc. As a result, securing AI agents demands a holistic approach. Every layer of this multi-tiered ecosystem introduces its own risks, and overlooking any one of them can leave the agent exposed. 

Let’s explore several unique scenarios where Defender’s contextual insights help address these challenges across the entire AI agent stack. 

Scenario 1: Finding agents connected to sensitive data 

Agents are often connected to data sources, and sometimes -whether by design or by mistake- they are granted access to sensitive organizational information, including PII. Such agents are typically intended for internal use – for example, processing customer transaction records or financial data. While they deliver significant value, they also represent a critical point of exposure. If an attacker compromises one of these agents, they could gain access to highly sensitive information that was never meant to leave the organization. Moreover, unlike direct access to a database – which can be easily logged and monitored – data exfiltration through an agent may blend in with normal agent activity, making it much harder to detect. This makes data-connected agents especially important to monitor, protect, and isolate, as the consequences of their misuse can be severe. 

Microsoft Defender provides visibility for those agents connected to sensitive data and help security teams mitigate such risks. In the example shown in Figure 1, the attack path demonstrates how an attacker could leverage an Internet-exposed API to gain access to an AI agent grounded with sensitive data. The attack path highlights the source of the agent’s sensitive data (e.g., a blob container) and outlines the steps required to remediate the threat. 

Scenario 2: Identifying agents with indirect prompt injection risk 

AI agents regularly interact with external data – user messages, retrieved documents, third-party APIs, and various data pipelines. While these inputs are usually treated as trustworthy, they can become a stealthy delivery mechanism for Indirect Prompt Injection (XPIA), an emerging class of AI-specific attacks. Unlike direct prompt injection, where an attacker issues harmful instructions straight to the model, XPIA occurs where malicious instructions are hidden in external data source that an agent processes, such as a webpage fetched through a browser tool or an email being summarized. The agent unknowingly ingests this crafted content, which embeds hidden or obfuscated commands that are executed simply because the agent trusts the source and operates autonomously. 

This makes XPIA particularly dangerous for agents performing high-privilege operations – modifying databases, triggering workflows, accessing sensitive data, or performing autonomous actions at scale. In these cases, a single manipulated data source can silently influence an agent’s behavior, resulting in unauthorized access, data exfiltration, or internal system compromise. This makes identifying agents suspectable to XPIA a critical security requirement. 

By analyzing an agent’s tool combinations and configurations, Microsoft Defender identifies agents that carry elevated exposure to indirect prompt injection, based on both the functionality of their tools and the potential impact of misuse. Defender then generates tailored security recommendations for these agents and assigns them a dedicated Risk Factor, that help prioritize them. 

in Figure 2, we can see a recommendation generated by the Defender for an agent with Indirect prompt injection risk and lacking proper guardrails – controls that are essential for reducing the possibility of an XPIA event. 

In Figure 3, we can see a recommendation generated by the Defender for an agent with both high autonomy and a high risk of indirect prompt injection, a combination that significantly increases the probability of a successful attack.  

In both cases, Defender provides detailed and actionable remediation steps. For example, adding human-in-the-loop control is recommended for an agent with both high autonomy and a high indirect prompt injection risk, helping reduce the potential impact of XPIA-driven actions. 

Scenario 3: Identifying coordinator agents 

In a multi-agent architecture, not every agent carries the same level of risk. Each agent may serve a different role – some handle narrow, task-specific functions, while others operate as coordinator agents, responsible for managing and directing multiple sub-agents. These coordinator agents are particularly critical because they effectively act as command centers within the system. A compromise of such an agent doesn’t just affect a single workflow – it cascades into every sub agent under its control. Unlike sub-agents, coordinators might also be customer-facing, which further amplifies their risk profile. This combination of broad authority and potential exposure makes coordinator agents potentially more powerful and more attractive targets for attackers, making comprehensive visibility and dedicated security controls essential for their safe operation 

Microsoft Defender accounts for the role of each agent within a multi-agent architecture, providing visibility into coordinator agents and dedicated security controls. Defender also leverages attack path analysis to identify how agent-related risks can form an exploitable path for attackers, mapping weak links with context. 

For example, as illustrated in Figure 4, an attack path can demonstrate how an attacker might utilize an Internet- exposed API to gain access to Azure AI Foundry coordinator agent. This visualization helps security admin teams to take preventative actions, safeguarding the AI agents from potential breaches.  

Hardening AI agents: reducing the attack surface 

Beyond addressing individual risk scenarios, Microsoft Defender offers broad, foundational hardening guidance designed to reduce the overall attack surface of any AI agent. In addition, a new set of dedicated agents like Risk Factors further helps teams prioritize which weaknesses to mitigate first, ensuring the right issues receive the right level of attention. 

Together, these controls significantly limit the blast radius of any attempted compromise. Even if an attacker identifies a manipulation path, a properly hardened and well-configured agent will prevent escalation. 

By adopting Defender’s general security guidance, organizations can build AI agents that are not only capable and efficient, but resilient against both known and emerging attack techniques. 

Build AI agents security from the ground up 

To address these challenges across the different AI Agents layers, Microsoft Defender provides a suite of security tools tailored for AI workloads. By enabling AI Security Posture Management (AI-SPM) within the Defender for Cloud Defender CSPM plan, organizations gain comprehensive multi-cloud posture visibility and risk prioritization across platforms such as Microsoft Foundry, AWS Bedrock, and GCP Vertex AI. This multi-cloud approach ensures critical vulnerabilities and potential attack paths are effectively identified and mitigated, creating a unified and secure AI ecosystem. 

Together, these integrated solutions empower enterprises to build, deploy, and operate AI technologies securely, even within a diverse and evolving threat landscape. 

To learn more about Security for AI with Defender for Cloud, visit our website and documentation. 

This research is provided by Microsoft Defender Security Research with contributions by Hagai Ran Kestenberg. 

The post A new era of agents, a new era of posture  appeared first on Microsoft Security Blog.

Help make Astro a sustainable open source project by sponsoring our community maintainers.

Surface is a premium endpoint, designed and built by Microsoft to run Microsoft technology. When it comes to the classroom, Surface Copilot+ PCs bring the best of Microsoft—hardware, Windows, Microsoft 365¹, and Microsoft 365 Copilot¹—into one teaching device, delivering intelligent experiences more securely on‑device and in the cloud. For educators, this means every lesson and interaction is powered by a device purpose-built for teaching and learning in the digital era.  

Why Surface for Education? 

Surface Copilot+ PCs, combined with Windows 11, give teachers a powerful platform designed to simplify teaching and elevate learning. With lightning-fast performance, educators can create engaging lessons, generate content, and personalize instruction. Windows 11 features like Snap Layouts, Click to Do², and Copilot Voice streamline multitasking and lesson prep, while intuitive touch, pen³, and voice input make teaching feel natural. Together, Surface and Windows 11 help deliver a more secure, AI-supported solution that can save time, support creativity, and help teachers focus on what matters most—students.  

Engage students with AI-enhanced learning 

Picture a classroom where every student is actively engaged, their curiosity sparked by lesson plans and quizzes thoughtfully designed by teachers with the help of AI. Microsoft Learning Zone, included with all Microsoft Education licenses at no extra cost⁴, is an AI-powered learning app for Windows 11 designed to help educators create engaging lessons. The app’s AI powered lesson creation feature is designed specifically for Copilot+ PCs. Thanks to the Copilot+ PC’s built-in Neural Processing Unit (NPU), these devices offer fast, reliable performance by running AI models directly on the device and combining them with cloud-based capabilities when needed. This hybrid approach helps Microsoft Learning Zone generate lessons quickly and keeps the experience smooth, secure, and ready for classroom use. It also helps educators streamline lesson planning with interactive activities, instant feedback, and personalized learning pathways. For example, teachers can use Microsoft Learning Zone to develop Kahoot! quizzes for a whole class or to prepare individualized learning experiences like personalized practice questions based on recent student performance, while keeping student data more secure and private.  

Surface Copilot+ PCs can also help teachers use AI in context to streamline lesson prep and administrative tasks, so they can spend less time on administration and more time inspiring students. For example, teachers can engage with Copilot in a single click using the Copilot key⁵ on a Surface keyboard or by saying “Hey Copilot” out loud. And using pen, touch, and voice commands in conjunction with Teach in Microsoft 365 Copilot⁶ running on Surface, teachers have a central hub for generating lesson plans, quizzes, rubrics, flashcards, feedback, and more. They can transform ideas and research into engaging lectures in moments, tailor instruction to meet the needs of every learner, and connect with colleagues to share best practices.  

Recently, we also announced the Microsoft Elevate for Educators skilling program along with more AI-powered experiences purpose-built for education, including the Study and Learn agents in Microsoft 365 Copilot, and Study Guide. Microsoft Elevate helps equip educators with the AI skills they need for the classroom of the future. Delivered through platforms like Microsoft Learn and Minecraft Education, these flexible learning paths ensure that educators can build AI fluency at their own pace, whether they're just beginning their journey or advancing to specialized applications. Read more about Microsoft Elevate and other AI tools for education here. 

In classrooms where both teachers and students are using Surface Copilot+ PCs, Live Captions⁷ with on-device automatic translation can help make spoken content accessible to all students, including students with hearing impairments. The NPU transcribes and translates audio in real time, supporting 40+ languages into English, all processed on-device versus the cloud.  

Ideally with Surface Copilot+ PCs and Microsoft’s AI-powered tools, technology fades into the background in the classroom, helping teacher creativity and connection take center stage and enabling student learning to be more dynamic, inclusive, and impactful.  

Empower the classroom of the future, today 

Surface Copilot+ PCs, purpose-built by Microsoft, are designed to be the foundation for today’s classrooms and the launchpad for tomorrow’s AI innovations. With Windows evolving as the canvas for intelligent AI and agents, Surface devices and Windows together form an essential, AI-assisted platform for educators. 

Now, every teacher can activate Copilot agents⁸ directly on their Surface device to act as a digital teaching partner. These agents can adapt to each teacher’s unique style, streamline daily routines, and unlock new possibilities for student learning. Building agents is simple: teachers or IT can use ready-made templates or create custom agents using natural language, all within the familiar Surface and Windows environment. 

Surface’s intuitive hardware—touchscreen, pen, voice, and the dedicated Copilot key—makes accessing AI support effortless. Teachers can get immediate answers to classroom questions, troubleshoot tech issues, or navigate school resources using natural input methods. By combining Copilot’s intelligent capabilities with Surface’s secure hardware, educators can gain a more personalized, efficient, and protected teaching experience ready for the future of learning. 

In addition, Surface Copilot+ PCs help support the full range of learning needs by delivering the performance and experience required for the education tools students and educators depend on every day. Surface devices are designed to work with common education apps like TestNav for assessments, Minecraft Education for STEM, Adobe Express for creativity, and assistive technologies such as JAWS. 

And, going forward, the built-in NPU on Copilot+ PCs like Surface enables Microsoft and other educational software providers to develop innovative new AI experiences that can run on the device, in the cloud, or both. 

Boost productivity and collaboration 

In the classroom, Surface Copilot+ PCs can become the teaching command center: always ready, always responsive. With a simple voice command, Copilot Voice and improved Windows Search⁹ instantly pull up lesson plans, student materials, or answers to unexpected questions, freeing instructors from frantic searches and giving back precious prep time.  

Collaborating on Surface is intuitive and efficient. Teachers can quickly save lesson materials in Teams or OneDrive¹ and share them with students for interactive feedback. Whether teachers are leading a lively discussion in person, connecting with students remotely, or conferencing with colleagues via video, Windows Studio Effects on Copilot+ PCs ensure they’re always seen and heard clearly. Subtle features like background blur, eye contact, and automatic framing help maintain a professional presence, so the focus stays on interacting with students or other teachers—not on the tech. 

And Surface Copilot+ PCs are designed to empower mobility in and outside the classroom. With extended battery life and lightweight devices, teachers are no longer tethered to a desk or a charger. They can move about freely, interact with students, project and present seamlessly, and focus on teaching. For example, on a Surface Pro with Surface Pen inking, Dual Studio Mics, and natural language prompts in Copilot, teachers can annotate readings, capture ideas by voice, and generate lesson materials on the fly—without breaking the flow of instruction. 

Throughout the day, Surface Copilot+ PCs can also help teachers anticipate what’s next. Context-aware Windows Search doesn’t just find files—it suggests smart next steps, like opening a document in Word or sharing it with a colleague, streamlining workflows. When inspiration for a lesson strikes, Click to Do lets teachers quickly summarize, explain, or create new content on the fly, helping them build engaging lectures and materials in real time. Surface’s vibrant touchscreen and Snap Layouts can help keep resources organized and visible, supporting a productive work experience.  

And, most importantly, Surface devices help safeguard faculty, staff, students, and sensitive school data with advanced security and remote management features¹. As innovations advance in AI, Microsoft and Surface provide built-in protection at every layer—hardware, firmware, operating system, cloud, software applications, and identity. 

Surface Copilot+ PCs are more than just devices—they’re partners in teaching, learning, and innovation. By combining Microsoft’s advanced hardware, intuitive software, and powerful AI, Surface empowers educators to engage students, boost productivity, and modernize their classrooms, all while keeping data more secure and private. 

 

Visit Surface.com/Business to learn more.  

Students, parents and educators can save up to 10% on select Surface devices and more at the Microsoft Store.¹⁰ 

 

Disclaimers: 

1. Sold separately. Software license required for some features. 
2. Click to Do. Copilot+ PC feature. Image actions now available across devices; other actions vary by device, region, language, and character sets. Subscription required for some actions. Learn more.  
3. Surface Pen sold separately. Surface Slim Pen (2nd Edition) experiences and compatibility vary by which Surface device you are using it with. Visit Surface Slim Pen Compatibility to learn more. 
4. Microsoft Learning Zone requires a Microsoft 365 Education Essentials, Core (A3), or Advanced (A5) license. Microsoft Education licenses. 
5. Copilot key feature availability varies by market, see aka.ms/keysupport. 
6. This feature is only available to Faculty/Staff with a Microsoft 365 for Education license. Teach in the Microsoft 365 Copilot App. 
7. Copilot+ PC feature. Live Captions translates video and audio subtitles into English from 40+ languages and from 25+ languages into Chinese (Simplified). See Copilot+ PC FAQs. 
8. Copilot with commercial data protection is available at no additional cost for users with an Entra ID with an enabled, eligible Microsoft 365 license. Copilot for Microsoft 365 sold separately and requires a qualifying volume license or subscription - Microsoft Copilot for Microsoft 365 | Microsoft 365. Minimum age limits apply to use of Copilot and certain AI features. Details. 
9. Copilot+ PC feature. Improved Windows search works with specific text, image, and document formats only; optimized for select languages (English, Chinese (Simplified), French, German, Japanese, and Spanish). See Copilot+ PC FAQs. 
10. Microsoft Store Education discount is available to K-12 and higher education students, faculty and parents. Education discount only valid on select products, and may not be combinable with other offers. See terms and conditions at Education & Student Discounts on Laptops, Microsoft 365, Windows, Surface | Microsoft Store 

Posted by Georgia Doyle, Senior UX Writer and Content Designer, and Kanu Tibrewal, Software Engineer

How it works

In the 'Changes not yet sent for review' section of the Publishing overview page, select ‘Save for later’ on the groups of changes that you don’t want to include in your next review. You can view and edit the list of saved changes, and return them to the Publishing overview if you change your mind. Once the review has started, your saved changes will be added back to ‘Changes not yet sent for review’.

• If issues are isolated to an individual track, we’ll show you an error beside that change, so you know what to save for later in order to proceed to review with your other changes.
• If you have issues that affect your whole app, for example, App content issues, Save for later will be unavailable and you will need to fix them before you can send any changes for review.

Greater flexibility in your workflows

Our goal for Save for later is to give you greater flexibility over your release schedule. With this feature you can manage what changes you send for review, and address issues affecting individual tracks without holding up ready-to-release changes, so you can iterate faster and minimize the impact of rejections on your release timeline.

Hello Windows Insiders, today we are beginning to roll out updates for Notepad and Paint apps to Windows Insiders in the Canary and Dev Channels on Windows 11.

Notepad (version 11.2512.10.0)

In this update, we’re introducing multiple improvements to Notepad. First, we are expanding support of lightweight formatting to include additional Markdown syntax features. This includes strikethrough formatting and nested lists. To get started, explore these new options in the formatting toolbar, keyboard shortcuts, or by editing the Markdown syntax directly. [caption id="attachment_178546" align="alignnone" width="956"] Notepad app screenshot of a nested list and strikethrough formatted created using the Increase indent command.[/caption] We are also introducing a new welcome experience in Notepad designed to help users discover and learn about the app’s latest and most useful features. This dialog provides a quick overview of what’s possible in Notepad and serves as a helpful starting point for both new and returning users. You can close it anytime and revisit it later by clicking the megaphone icon in the top-right corner of the toolbar. [caption id="attachment_178547" align="alignnone" width="1024"] Notepad app screenshot of the updated “What’s New” first run experience.[/caption] Finally, we are expanding support for streaming results for AI text features. Whether generated locally or in the cloud, results for Write, Rewrite, and Summarize will start to appear quicker without the need to wait for the full response, providing a preview sooner that you can interact with. To use Write, Rewrite, and Summarize in Notepad, you will need to sign in with your Microsoft account. FEEDBACK: Please file feedback in Feedback Hub (WIN + F) under Apps > Notepad.

Paint (version 11.2512.191.0) 

In this update, we’re introducing two new features to Paint, Coloring book and fill tolerance slider. Coloring book, an AI-powered feature that lets you create unique coloring book pages from a text prompt. To get started, open Paint and select the Coloring book option from the Copilot menu. Once the side panel is open, type in a description of the coloring book you want to create, like “a cute fluffy cat on a donut” or "a house with a garden and fence" and hit the Generate button. Paint will then generate a set of unique coloring book pages based on your prompt. Once the coloring book pages are generated, you can click on any one of them to Add to canvas, copy, or save it for later use. [caption id="attachment_178548" align="alignnone" width="1024"] Paint app showing a cat on a donut coloring book page.[/caption] Coloring book will be available only on Copilot+ PCs. To use Coloring book, you will need to sign in with your Microsoft account. We’re also adding a fill tolerance slider, giving you control over how precisely the Fill tool applies color. To get started, select the Fill tool and use the slider on the left side of the canvas to adjust the tolerance to your desired level. Experiment with different tolerance settings to achieve clean fills or creative effects. [caption id="attachment_178550" align="alignnone" width="1024"] Paint app showing Fill tool with tolerance set to 8% versus 18%.[/caption] FEEDBACK: Please file feedback in Feedback Hub (WIN + F) under Apps > Paint. As always, we love getting feedback from the community and we will be looking out for your thoughts and suggestions on these updates! Thanks, Dave Grochocki, Principal Group Product Manager – Windows Inbox Apps