Microsoft issued an updated notice after announcing an agentic overhaul for Windows 11, warning that the new capabilities are experimental and imperfect. Following installation of Windows 11 Build 26220.7262, the operating system exposes a new toggle labeled ‘Experimental agentic features’ in Settings > System under ‘Artificial Intelligence Components.’ The feature is optional and must be enabled manually.
The company warned explicitly that “As these capabilities are introduced, Artificial Intelligence models still face functional limitations in terms of how they behave and occasionally may hallucinate and produce unexpected outputs.” When users enable the toggle, Windows will display a device warning that the capabilities are experimental and might affect the device. The notice frames functional limitations as a user-facing concern, but highlights security implications as the larger issue.
Microsoft and the article emphasize that new attack techniques tied to autonomous agents are already appearing, with cross-prompt injection singled out as a notable vector. In cross-prompt injection attacks, malicious instructions are concealed inside ordinary documents or interface elements so an autonomous agent follows the hidden instructions instead of its original task. That behavior could allow an agent to install malware, leak payment details, or carry out other harmful actions. The updated notice serves to inform users of the risks and to make clear that agentic features are experimental and require explicit user activation.
