
Microsoft recently announced that it is inviting Windows Insider Program members to test Copilot Actions, a new feature in Windows 11. This AI agent technology promises to revolutionize human-computer interaction: the agent can operate directly on local files and applications to perform complex tasks such as updating documents, organizing files, booking tickets, and sending emails. Microsoft says Copilot Actions marks a shift in AI assistants from passive response to proactive collaboration, significantly improving user productivity.
To ensure system security, Microsoft uses an isolated execution environment called "Agent Workspace." This technology is not based on traditional virtual machines or sandboxes; instead, it uses "Windows Remote Desktop child sessions." This mechanism maintains a connection to the user's primary desktop while providing complete isolation, effectively preventing the AI agent from directly accessing or interfering with personal data. Furthermore, the Agent Workspaces for different applications are independent of one another, mitigating potential security risks.
Microsoft has established a rigorous security and privacy framework for Copilot Actions. First, each AI agent runs under a separate "standard" Windows account without administrator privileges. Second, by default, agents can only access standard folders like Documents, Downloads, and Desktop; access to other locations must be configured using Access Control Lists (ACLs). Third, all agents are digitally signed so that their source can be trusted. Finally, this feature is disabled by default and must be manually enabled by the user in Settings > System > AI Components > Proxy Tools. These measures ensure both practical functionality and user privacy.