Microsoft has introduced a new AI-powered system for uncovering software vulnerabilities, which found 16 previously unknown security flaws in Windows—four of them critical remote code execution weaknesses. Security experts believe this could represent a significant turning point in how vulnerabilities are detected and fixed.
The system, called MDASH, was created by Microsoft’s Autonomous Code Security team in collaboration with the Windows Attack Research and Protection group.
Microsoft announced in a blog post that the platform will be available in private preview for enterprise customers starting next month.
All of the vulnerabilities were fixed as part of Microsoft’s May 12 Patch Tuesday update.
“Cyber defenders are fighting an increasingly uneven battle,” Microsoft stated in the blog post. “Attackers are leveraging AI to make their attacks faster, larger in scale, and more sophisticated.”
Critical Windows components affected
According to Microsoft, the four critical vulnerabilities impacted core Windows components widely used across enterprise environments.
One of them, CVE-2026-33827, is a remote unauthenticated use-after-free flaw in the Windows IPv4 stack that can be triggered by specially crafted packets containing the Strict Source and Record Route option.
Another vulnerability, CVE-2026-33824, is a pre-authentication double-free issue in the IKEEXT service that affects RRAS VPN, DirectAccess, and Always-On VPN deployments.
Two additional critical flaws were found in Netlogon and the Windows DNS Client, both with CVSS scores of 9.8.
The other 12 vulnerabilities, rated “Important,” included denial-of-service, privilege escalation, information disclosure, and security feature bypass issues affecting components like tcpip.sys, http.sys, ikeext.dll, and telnet.exe, according to Microsoft.
How MDASH orchestrates AI agents
Microsoft explained that MDASH coordinates more than 100 specialized AI agents across multiple advanced and distilled models, with each agent responsible for a different phase of the vulnerability discovery process.
Some agents examine source code for potential weaknesses, others verify whether the findings are legitimate, and another group works on creating test inputs that can reproduce the issue before the result is passed to a human engineer for review.
“The model is one input. The system is the product,” wrote Taesoo Kim, Microsoft vice president for agentic security, in the blog post.
Microsoft said the architecture was deliberately designed to be largely model-agnostic, meaning the company can switch out the underlying AI models without having to rebuild the entire orchestration framework.
This detail is significant because MDASH was announced just weeks after Microsoft revealed Project Glasswing, a collaboration involving Anthropic and other partners to assess AI-driven vulnerability discovery using Anthropic’s Claude Mythos Preview model.
“Microsoft is now acting as platform owner, security vendor, AI infrastructure provider, OpenAI partner, Mythos integrator, and agentic security supplier,” said Sanchit Vir Gogia, chief analyst at Greyhound Research. “That is a powerful position. It is also a concentration of influence that security leaders need to evaluate carefully.”
AI vs AI vulnerability race
The announcement also underscores rising concerns that AI-driven vulnerability discovery could speed up offensive cyber operations just as much as defensive research.
Anthropic has previously reported that its Mythos Preview model discovered thousands of high-severity vulnerabilities, including a decades-old OpenBSD flaw and a long-undetected FFmpeg issue that traditional fuzzing tools had failed to find despite millions of attempts.
“We’ve entered an AI-versus-AI vulnerability discovery race,” said Sunil Varkey, advisor at Beagle Security. “The winners won’t be the organizations with the best static scanners anymore. They’ll be the ones who can run these agentic systems fastest against their own code and fix issues at machine speed.”
Varkey recommended that enterprises seek early access to tools like MDASH whenever possible instead of waiting for wider commercial release.
“Early access isn’t just a nice-to-have,” he said. “It’s becoming a defensive necessity in the AI era.”
For CISOs, the broader takeaway may be that vulnerability management is evolving from periodic scanning toward continuous, AI-assisted detection and remediation.
“The future belongs to security teams that can discover, validate, contain, and fix vulnerabilities in one governed process,” Gogia said.
Benchmarks show progress, but analysts urge caution
To back up its claims, Microsoft released benchmark results showing that MDASH identified all 21 intentionally planted vulnerabilities in an internal Windows test driver with zero false positives. The company also reported that the system successfully recovered nearly all historical Microsoft Security Response Center cases when tested against older Windows component snapshots.
On the public CyberGym benchmark for vulnerability reproduction tasks, Microsoft said MDASH achieved a score of 88.45%, leading the public leaderboard at the time of publication.
Gogia acknowledged that the results indicate the technology is maturing but cautioned against treating benchmark scores as a direct measure of enterprise value.
“CyberGym is a signal, not a buying decision,” he said. “The infrastructure around the model is starting to look like a serious security research workflow.”
He also noted that many enterprises still lack the governance maturity needed to effectively operationalize machine-generated vulnerability discovery.
“Discovery without remediation discipline is theater,” Gogia said. “It produces dashboards, not resilience.”
