Windows is becoming an “agentic OS”, but do you really need one? 

Executive summary 

  • At its latest annual conference, Microsoft announced that they want Windows to go from a passive tool to an “agentic OS” capable of performing complex tasks without constant user input. 
  • While the productivity potential is massive, this move has sparked controversy regarding data privacy, resource usage, and the risks of giving AI too much of a say. 
  • Our recommendation is that UK businesses take a cautious “hurry up and wait” approach to the agentic future, using Group Policy or Intune to control these features until security standards mature. 
     

Introduction 

Remember when computers used to just sort of sit there, and wait for you to press a button? 

Well, those days are officially numbered. 

That’s because, following announcements at Ignite 2025, Microsoft’s annual conference, it’s clear that the tech giant is very much heading down the “agentic” route. 

That word “agentic” is probably going to be buzzword of the year 2026, but it basically refers to AI that can actually do things for you.  

And Microsoft’s betting that users want an OS that works the same way. But there’s a very fine line between a helpful assistant like Copilot and a security nightmare – and right now, UK businesses are trying to figure out where this new path falls on that spectrum. 

Let’s break it down. 

What on earth is an agentic OS? 

To understand the odd mix of panic and excitement generated by an agentic OS, you first have to look at the difference between a chatbot and an agent. It’s a distinction that can make a big difference to your data security as a business. 

So: 

  • A chatbot is like a library. You open it up, you ask for information, and it answers whatever question you have with the resources it has access to. It’s a passive experience, meaning you still have to read the information, process it, and decide what to do next. If you ask Copilot to write an email for you, it’ll give you the text, but you still have to review it and hit send. 
  • An agent is more like a research assistant. You give it a goal, and it heads off and does the work while you sit back and work on other stuff. To do this right, an AI agent will need permission to open your apps, read your emails, navigate the web, and make whatever decisions are necessary to achieve its goal. 

If Windows becomes a truly agentic OS, it means that it will be able to “see” see what’s on your screen. It’ll be able to move files, draft emails, and send them if you give permission. 

The idea is that, rather than clicking around the OS to find what you need, you just talk to Windows either via text or voice in natural language – as you do today with tools like Copilot. So, you could say “Plan a business trip to Manchester for next Tuesday” and the OS might: 

  • Check your calendar for conflicts. 
  • Book the train tickets using your saved corporate card. 
  • Reserve a hotel within your company budget. 
  • Email your team to say you’ll be out of the office. 

It sounds brilliant. But it also sounds a tad unnerving. 

The challenges of an agentic OS 

There are three main headaches that could potentially cause business owners to lose sleep: 

  • The privacy problem. For an agent to be truly useful, it needs to know everything. It needs access to your payment details to book that train and it needs to read your private emails to know who you’re meeting. If your OS is constantly watching so it can become a better agent, that’s a lot of trust to place in software connected to the internet. 
  • The rogue agent risk. If a human employee deletes a folder by mistake, you can usually restore it. If an autonomous AI agent decides a folder is “redundant” and pops it in the trash, you have a much bigger problem. There’s also the security angle to consider. If a hacker compromises an agentic OS, they could theoretically simply ask the agent to “bundle up all financial data and email it to this external address.” The agent, thinking it’s being helpful and following a command, would just do it. 
  • The resource heavy lift. Running AI that’s constantly watching, thinking, and acting takes a pretty big toll on hardware. These features demand high-end NPUs (Neural Processing Units). So if you have a fleet of older laptops, they’re probably going to struggle. You might find that your shiny new agentic OS makes your computer feel five years older than it actually is, forcing a hardware refresh cost that you weren’t expecting. 

The good bits (because it’s not all doom and gloom) 

We’re being cautious here, certainly, but we aren’t turning our backs on progress.  

There’s a reason Microsoft’s pushing this so hard, and the potential for productivity is very real. Consider just a few places where an agentic OS could make a meaningful difference: 

  • Finance at month-end: Instead of manually matching invoices to bank activity, an agent could run through hundreds of transactions in seconds and surface anything that looks iffy for immediate human review. 
  • Sales operations: An agent could watch incoming emails, auto-update your CRM with new details, schedule any follow-ups, and prepare meeting briefs before a sales rep even opens their laptop. 
  • Everyday workflows: When it’s working well, it clears out the drudgery – handing the “robot work” to actual robots. That’s the promise. We just need to make sure the price of entry isn’t our security posture. 

What you need to do right now 

The bottom line is that AI is clearly the way the wind is blowing. That means the agentic OS is probably coming whether we like it or not. But you can prepare your business so you’re ready when the tech matures. 

  1. Audit your data permissions. If an AI agent acts on behalf of a user, it has that user’s permissions. If someone in Marketing has access to the CEO’s payroll folder “by accident” because of some poorly configured permissions, the AI agent has that access too. So now is absolutely the time to triple-check how you’re handling your internal data. 
  2. Update your “acceptable use” policy. Your staff are probably going to be tempted to use these features as they appear on their home PCs – it’s human nature. So, you need a clear policy on which AI tools are permitted for which work tasks. Make sure they know that “letting the AI do it” isn’t an excuse for data leaks. 
  3. Talk to us about the roadmap. The team at Get Support is monitoring the Microsoft 365 roadmap daily. We know which updates are just cosmetic and which ones are fundamental changes to how your OS behaves – so we’re always available to answer any questions you might have.  

If you’re worried about what the new Windows updates mean for your compliance or security, speak to your Get Support Customer Success Manager or call our team on 01865 594 000.