How Codex’s New Windows Support Lets AI See Screens and Control Apps

What is Computer Use?

Codex is OpenAI’s desktop AI programming agent (different from the Codex CLI). It runs locally with a graphical UI, can read and write code, execute commands, and, through the new Computer Use capability, observe the screen, analyze UI state, and simulate mouse clicks and keyboard input as if a person were operating the machine.

Typical use cases listed by OpenAI include UI testing on desktop and mobile, reproducing UI‑related bugs, adjusting application settings that lack a command‑line interface, and orchestrating cross‑application workflows such as copying data from one system to another.

For example, prompting “draw a goblin in Paint” makes Codex launch Windows Paint and actually draw the image.

What version 26.527 brings

The update introduces three main changes.

1. Computer Use on Windows – Codex can now see the screen, move the mouse, and type on Windows applications. The target application must remain visible in the foreground, and Codex takes exclusive control of mouse and keyboard while a task runs.

2. Mobile remote control – The ChatGPT iOS and Android apps can connect to a Codex instance running on Windows, allowing users to start tasks, monitor progress, and intervene from their phone while the code continues to execute on the PC.

3. Profile page update – The Profile section now shows account details, usage statistics, and token consumption, giving users a clearer view of cost and quota.

macOS vs. Windows differences

Both platforms share the same core Computer Use capabilities, but their implementations differ.

macOS supports a “locked use” mode that continues running after the screen is locked, using a special authorization plug‑in.

Windows requires the target application to stay in the foreground; it does not support locked‑screen operation, and users cannot use the mouse or keyboard for other tasks while Codex is active.

Permission requirements also differ: macOS needs screen‑recording and accessibility permissions, whereas Windows only needs the application to be visible. Installing the Computer Use plug‑in is a prerequisite on both systems.

Security and boundaries

Because Computer Use can directly manipulate a computer, OpenAI adds several safeguards:

Each application access triggers a permission prompt, allowing “always allow” or per‑session approval.

Tasks can be paused or stopped at any time, returning control to the user.

OpenAI recommends closing unrelated sensitive applications while a task runs.

File modifications and shell commands still go through Codex’s existing sandbox and approval mechanisms; Computer Use does not bypass them.

OpenAI also defines explicit limits: Codex cannot control terminal applications, cannot operate on itself, cannot run with administrator privileges, and cannot bypass system security dialogs.

Conclusion

With Computer Use now available on Windows and mobile remote control added, the AI programming agent can handle UI testing, bug reproduction, and cross‑application automation that previously required manual effort.

The Windows implementation’s foreground‑only restriction and early‑access label mean users should evaluate the feature in their own workflows, but the overall capability expands what AI agents can achieve on desktop environments.