Microsoft introduced Copilot Cowork for Microsoft 365, turning requests into plans that execute across apps and files within enterprise security and governance boundaries. Teams evaluating office agents should watch approvals, app coverage, and durable execution across its multi-model setup.
Copilot Cowork is Microsoft 365's move from chat-style assistance to delegated execution. In Microsoft's own description via the launch demo and the announcement wording, the system takes a request, generates a plan, and works across the user's apps and files instead of staying inside a single document or chat pane.
The enterprise control story is central to the launch. The product text captured in the product screenshot says identity, permissions, and compliance policies "apply by default," actions and outputs are auditable, and Cowork runs in a "protected, sandboxed cloud environment." That same text says durable execution is meant to let tasks keep progressing safely across devices, which matters more than the flashy demo language because it defines whether these agents can run as background workflows instead of interactive copilots.
A concrete example from the walkthrough post shows the intended workflow: prep for a meeting by scanning email, drafting a briefing doc, building a PowerPoint, and blocking calendar time. That post also says Cowork "builds a plan, asks for your approval," which suggests Microsoft is putting an approval gate between planning and execution rather than letting the agent act completely autonomously.
Microsoft's clearest differentiator is model orchestration, not just app integration. The text in the product screenshot says Microsoft worked closely with Anthropic to integrate the technology behind Claude Cowork into Microsoft 365 Copilot, and adds that users are "not limited by one brand of models." The supporting reaction in the model-flexibility post makes the same point more bluntly: the claimed advantage is that Cowork is not tied to a single model family.
That matters only if the routing is transparent and the capability ceiling stays current. In his thread, Ethan Mollick points to the risk that Microsoft could use weaker models without making that obvious, and he argues recent frontier-model deltas are large enough that the choice materially changes agent performance. His follow-up in the follow-up thread raises a second implementation question: whether Copilot Cowork can improvise outputs with code, or whether it is mostly confined to artifacts that fit neatly into Microsoft app workflows.
For engineers evaluating office agents, those are the unresolved technical questions behind the launch: approval semantics, actual app and file coverage, how durable the background execution really is, and how observable the model-selection layer will be in production.
Microsoft just launched Microsoft Copilot Cowork, a new way to get work done inside Microsoft 365. It turns a user request into a plan and executes it across apps and files while staying within M365 security and governance boundaries.
Microsoft seems to be launching its own branded version of Cowork (though I hesitate to discuss products I haven’t tried) A big question is whether it will continue to use lower-end models without telling you. Also whether it will keep up as the space evolves, or is it a one-off
