Microsoft Adds Agent Sandboxing to Windows 12 Preview
What Happened
Microsoft released a Windows 12 Insider build featuring "Agent Containers," a Hyper-V-based isolation layer for running AI agents with declared file, network, and registry permissions. Users can grant scoped access without giving agents full user privileges. The feature targets developers running open-source agents and enterprises piloting third-party agent marketplaces.
My Take
This is the OS catching up to a reality that's been quietly forming — agents need their own permission model because the user-account abstraction doesn't fit. Apple will follow within a year, and Linux distros are already there with Flatpak and similar. The strategic implication: enterprise software vendors should start designing for agent-first deployment now, not user-first. The first-mover advantage on agent-native distribution is significant, especially in regulated workflows where audit trails matter.
Read Original Source