Microsoft want you to use AI that might install malware

[bilateralrope]

Microsoft detail 'agentic AI' plan for Windows 11, immediately admit it might install malware on your PC

Oh come on

News by James Archer Hardware Editor
Published on Nov. 19, 2025

Microsoft have delivered a timely reminder that AI isn’t just effective at injecting ugly, soulless anti-art and nonsense robochat into your games – it also has the power to ruin your entire PC.

MS recently updated a support article explaining the 'agentic AI' features they plan to roll out for Windows 11, which involve creating a separate desktop instance and allowing AI 'agents' to perform supposedly menial tasks (like file sorting and email sending) within it. All while you kick back on your main workspace, online shopping for the third yacht that the AI revolution has surely enabled you to afford. Unfortunately, among the agents’ capabilities is the risk of installing malware.

Specifically, the article warns that agentic AI may "introduce novel security risks, such as cross-prompt injection (XPIA), where malicious content embedded in UI elements or documents can override agent instructions, leading to unintended actions like data exfiltration or malware installation.” Sounds awful. Terrible! Clearly not the kind of vulnerability that Microsoft could possibly allow to stand and oh no wait they’re going through with it anyway, with the first experimental versions already being live via the Windows Insider programme.

There are token safeguards: the 'agent workspace' is disabled by default, and can only be enabled by someone with admin privileges. But it’s hardly reassuring when the only way to use these features safely is to not use them, at all. And you would stay at effectively zero risk of XPIA attacks if you didn't, as these types of malware are engineered to target large language models (LLMs) rather than humans.

It’s likely inevitable that Windows 11 will swell up with agentic AI at some point; Microsoft have been talking about it for months, and with Windows 10 having lost (of all things) its security updates, it’s not like fleeing to the older OS is a long-term alternative. But putting it in users’ hands when the AI involved hasn’t been sufficiently trained to avoid obvious, often plain-English phishing or malware injection scams is spectacular arrogance. Unless it’s some kind of Valve inside job to make us all buy SteamOS-powered Steam Machines, but I’m not sure their wheelie desks would roll that far.

Motoring critics often use the phrase "Car Brain" to illustrate how otherwise rational, sensible drivers suddenly lose their empathy and perception functions as soon as they sit behind a steering wheel. I’d like to propose the usage of "AI Brain" to describe the phenomena of ostensibly intelligent technologists instantly abandoning any sense of responsibility, creativity, good product design, and in many cases, basic human decency the minute they have artificial intelligence in front of their face. AI Brain can be easily identified through symptoms such as excessive LinkedIn posting and the vocalisation of gibberish about how their company needs to steal other people’s work, actually.

Recall was bad. To the point where I haven't seen anyone try to defend it without coming across as not understanding it.

This sounds worse.

[Alferd Packer]

The asskicker is that Windows 10 is still receiving updates until 2032 through its long-term support channel. This is intended for kiosks, cash registers, POS systems, etc., but anyone with a little technical knowhow can upgrade(side-grade?) their Windows 10 install to still receive updates.

But if you're on Windows 11 (full disclosure, I did upgrade and only mildly regret it at this juncture), your only real hope to avoid all this shit is that the AI bubble bursts and all these implementations get canceled.

[Broomstick]

My Windows 10 machine died and is most sincerely dead so I wound up with Windows 11

Installation was whack-a-mole with swatting aside ads to BUY STUFF then more whack-a-mole to turn off shit that was either not needed or intrusive or both.

I use as little of Micro$ucks pre-installed software as possible. Not that the alternatives are that much better, but I do what I can. Do most of my stuff on a local account I set up. Keep most of my stuff in detachable hard drives. I'm not saying my solution is the best - I'm sure it's not and someone can come along to poke holes in it - but like I said I do what I can.

AI is NOT a good thing at this point, and more and more it looks like a solution in search of a problem. Why the fuck is it being pushed so damn hard?

[Alferd Packer]

AI is NOT a good thing at this point, and more and more it looks like a solution in search of a problem. Why the fuck is it being pushed so damn hard?

The take that I've heard that makes the most sense to me is that we're going through something similar to the dotcom bubble/bust of 2000. Then, we had a new technology (the internet) but we didn't really understand it, and we certainly didn't understand how to make money with it. Lots of e-commerce websites popped up, the attendant hosting infrastructure, ad networks, etc. because everyone wanted to be the first big breakout site and make tons of money. But the people didn't follow. Most still had dial-up, if they had internet access at all. And so the bubble popped, most of those sites vanished, and the internet slowly matured into what we know it as today over the next 5-10 years as we came to understand it.

25 years later, we're back in a new bubble with AI. We have a new technology that we don't understand. We certainly don't know how to make money with it. Everyone is trying to position themselves to be the first/best provider of this technology. The people aren't following. Maybe AI will suddenly get good and amazing and all this investment will pay off, but I wouldn't bet on it. What's the old saying? "History doesn't repeat itself, but it sure does rhyme."