Business

Microsoft’s new AI features in Windows 11 spark fresh security and privacy concerns

Saturday, 29 November 2025 1:00PM UTC

Microsoft introduces advanced AI tools in Windows 11, offering automation and productivity boosts, but security experts warn of emerging vulnerabilities and privacy risks, prompting cautious adoption.

Microsoft has recently integrated advanced AI capabilities into Windows 11, notably for users in the Insider program, allowing AI to automate various tasks such as sending emails and managing files. These new agentic AI features aim to enhance productivity by enabling the AI assistant to perform real-world tasks, including making restaurant reservations or ordering groceries directly from the desktop. Among the latest upgrades, the Copilot assistant can now be activated by voice command with "Hey Copilot," and Copilot Vision has been expanded globally to offer AI-generated insights based on on-screen content. However, these powerful features come with significant security caveats.

Microsoft itself has issued a cautionary security note addressing potential risks associated with granting AI agents extensive access to users’ files and system features. While these AI enhancements are currently disabled by default, opting to enable them exposes systems to novel vulnerabilities. A key concern is cross-prompt injection attacks, or XPIA, where malicious content embedded in user interface elements or documents can override AI agent instructions. Such manipulations may lead to unintended harmful actions, such as data theft or the installation of malware. Microsoft highlights that AI models, including these new agentic applications, remain prone to hallucinations and unexpected outputs, underscoring the importance of careful user discretion when enabling these features.

To mitigate these risks, Microsoft has introduced an experimental "agent workspace" , an isolated environment where the AI operates with restricted permissions. This workspace limits AI access to certain folders, preventing it from controlling the entire system and thereby reducing the likelihood of security breaches. When enabled, local AI agent accounts are created, which can interact with key folders like Documents, Downloads, and Desktop but remain sandboxed to contain potential threats.

Despite these protective measures, the evolving nature of AI in operating systems raises ongoing concerns among users and security experts alike. Beyond agentic AI risks, privacy issues have been flagged with other AI features Microsoft is developing. For instance, the "Recall" function in Copilot+ PCs, which takes encrypted screenshots of users' screens every few seconds and stores them locally to enhance searchability, has attracted criticism from privacy advocates and data protection authorities. While Microsoft assures users that this feature is optional and under user control, its continuous screenshot capture has prompted debates about its implications for user privacy.

In addition, AI integrations like the new face-scanning feature in OneDrive, capable of identifying faces in photos, have stirred concerns around biometric data handling. Though Microsoft states that this data is stored securely and not used for training global AI models, user control over enabling or disabling the feature remains a critical element, particularly given some earlier confusion about toggle limitations.

Microsoft continues to promote various smart security features within Windows 11, including tools like Microsoft Defender Antivirus, Windows Hello for passwordless authentication, Trusted Platform Module (TPM) hardware protections, and Defender SmartScreen to block malicious websites. These layers of security are vital in a landscape increasingly shaped by AI-assisted tools, reinforcing the balance between innovation and safeguarding user data.

As these AI-driven updates remain in relatively early stages, users are advised to exercise caution when activating new features, especially those granting AI deeper integrations with personal data or system operations. The balance between productivity gains and security or privacy risks is delicate, and Microsoft’s warnings reflect the complexities of embedding AI directly into everyday computing environments. Ongoing user feedback and developer vigilance will be paramount as AI capabilities mature within Windows 11.

📌 Reference Map:

^[1] (ARY News) - Paragraph 1, Paragraph 2, Paragraph 3
^[2] (Reuters) - Paragraph 1
^[4] (Windows Central) - Paragraph 2, Paragraph 3
^[6] (Time) - Paragraph 4
^[5] (Windows Central) - Paragraph 5
^[3] (Microsoft Support) - Paragraph 6
^[1] (ARY News) - Paragraph 7

Source: Noah Wire Services

More on this

https://arynews.tv/microsoft-issues-security-warning-over-new-ai-features-in-windows-11 - Please view link - unable to able to access data
https://www.reuters.com/business/microsoft-launches-new-ai-upgrades-windows-11-boosting-copilot-2025-10-16/ - Microsoft has announced significant AI upgrades for Windows 11, enhancing its Copilot assistant. These updates include a new opt-in feature allowing users to activate Copilot with the voice command 'Hey Copilot' on any Windows 11 device. Copilot Vision has been expanded to all available markets, enabling AI-generated insights based on on-screen content. An experimental feature called 'Copilot Actions' has been introduced, allowing Copilot to perform real-world tasks like making restaurant reservations or ordering groceries directly from the desktop. These upgrades aim to integrate AI more deeply into daily tasks and experiences.
https://support.microsoft.com/en-us/account-billing/stay-protected-on-windows-11-with-smart-security-features-5965fb4f-7a5a-418f-95a7-2fc2e63ecb5a - Microsoft provides guidance on protecting Windows 11 devices with smart security features. Key recommendations include using Microsoft Defender Antivirus to detect and block threats, enabling Windows Hello for passwordless authentication, and utilizing passkeys for secure sign-ins. The article also highlights the importance of hardware security barriers like Trusted Platform Module (TPM) 2.0 chips, keeping the PC updated, and using Microsoft Authenticator for secure account access. Additionally, it discusses Defender SmartScreen for protection against dangerous websites and Smart App Control to block untrusted apps.
https://www.windowscentral.com/microsoft/windows-11/microsoft-warns-security-risks-agentic-os-windows-11-xpia-malware - Microsoft has issued a warning about the new agentic AI capabilities in Windows 11, cautioning users about potential security risks. These features allow AI agents to perform tasks on users' behalf within an 'agentic workspace' and will remain disabled by default due to associated dangers. When activated, the system creates local AI agent accounts that can access key user folders such as Documents, Downloads, and Desktop. Microsoft highlights emerging threats like cross-prompt injection (XPIA) malware, where malicious data can manipulate AI instructions, potentially causing data leaks or malware installation.
https://www.windowscentral.com/microsoft/onedrives-ai-face-scanning-feature-suggests-it-can-only-be-disabled-3-times-a-year-but-that-doesnt-seem-right - Microsoft has introduced an AI face scanning feature in OneDrive, capable of recognizing faces in photos. While officially still in limited preview and not available to all users, the feature has drawn attention due to documentation suggesting that users can only disable it three times per year. This limitation, first highlighted by Slashdot and PCGamer, has raised concerns, although current testing on the OneDrive website shows users can toggle the setting freely without facing that restriction. According to Microsoft's support page, the technology collects facial and biometric data from users’ photos, but promises that this data is never used to train global AI models or shared outside the user’s account. Disabling the feature also results in the permanent deletion of facial grouping data within 30 days. Despite the questionable three-time toggle warning, current functionality allows users to enable or disable facial recognition at will. This inconsistency suggests that the toggle limitation could be outdated. For users worried about privacy, the key takeaway is the potential for full control over this feature — at least for now.
https://time.com/6980911/microsoft-copilot-recall-ai-features-privacy-concerns/ - Microsoft's new AI-integrated products, named Copilot+ PCs, have raised significant privacy concerns. Notably, the 'Recall' feature, which takes encrypted screenshots of users' screens every few seconds and stores them locally, is particularly contentious. Microsoft claims this feature addresses the issue of recalling previously viewed content by allowing users to search their computer's history based on unique relationships and associations. However, privacy experts and the U.K.’s Information Commissioner's Office have expressed concerns about the potential privacy implications, with experts suggesting it could deter usage due to the continuous screenshot functionality. Microsoft states the feature is optional, allowing users control over what is collected and stored, but its announcement has already led to apprehension and scrutiny from data protection bodies.
https://www.tomshardware.com/software/windows/windows-will-now-let-you-swear-at-it-introduces-toggle-to-disable-profanity-filter-for-voice-typing - Microsoft has introduced a new feature in Windows 11 Insider Preview Build 26200.550 that allows users to disable the profanity filter in its voice typing tool. Previously, Windows would automatically censor curse words spoken during voice input by replacing them with asterisks. With the new toggle, accessible via Win + H and the settings icon, users can now choose to have their spoken words—including profanities—transcribed exactly as said. The profanity filter remains enabled by default, preventing inadvertent offensive language in typed documents. The feature was added in response to significant user feedback and is currently limited to Windows Insiders. It will likely roll out more broadly if no significant issues arise. Additionally, the update introduces other experimental features in the Dev Channel, such as Click-to-Do—an AI-driven tool providing contextual on-screen actions—and Improved Search, enabling natural language file lookup. These AI tools require a Copilot+ PC with a Neural Processing Unit (NPU) capable of delivering at least 40 TOPs, as they rely on local rather than cloud-based processing.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The narrative is recent, with the earliest known publication date being November 18, 2025. ([kotaku.com](https://kotaku.com/microsoft-warns-that-windows-11-ai-might-install-malware-on-your-pc-2000645293?utm_source=openai)) The report is based on a press release from Microsoft, which typically warrants a high freshness score. However, similar content has appeared across various reputable outlets, indicating widespread coverage. No significant discrepancies in figures, dates, or quotes were found. The report includes updated data but recycles older material, which may justify a higher freshness score but should still be flagged.

Quotes check

Score: 9

Notes: Direct quotes from Microsoft regarding the security risks of AI features in Windows 11 have been used in multiple reputable outlets, indicating that the quotes are not exclusive to this report. No variations in wording were found, suggesting consistency in the reporting.

Source reliability

Score: 7

Notes: The narrative originates from ARY News, a news outlet based in Pakistan. While it is a known source, its reputation may not be as established as some other international news organisations. The report references information from reputable sources such as Microsoft Support and Kotaku, which adds credibility. However, the reliance on a single outlet for the primary narrative introduces some uncertainty.

Plausability check

Score: 8

Notes: The claims about Microsoft's new AI features in Windows 11 and the associated security risks are consistent with information from other reputable sources. The report lacks specific factual anchors, such as direct quotes from Microsoft representatives, which would strengthen its credibility. The language and tone are consistent with typical corporate communications, and there is no excessive or off-topic detail.

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The narrative presents recent information about Microsoft's new AI features in Windows 11 and associated security risks. While the content is fresh and based on a press release, the reliance on a single source with a less established reputation introduces some uncertainty. The claims are plausible and consistent with information from other reputable outlets, but the lack of direct quotes from Microsoft representatives and specific factual anchors reduces the overall confidence in the report's accuracy.

Microsoft
Windows 11
AI security