Microsoft has unveiled a brand new multi-model synthetic intelligence (AI)-driven system referred to as MDASH to facilitate vulnerability discovery and remediation at scale, including that it is being examined by some prospects as a part of a restricted personal preview.
MDASH, quick for multi-model agentic scanning harness, is designed as a model-agnostic system that makes use of bespoke AI brokers for various vulnerability courses to autonomously uncover, validate, and show exploitable defects in advanced codebases like Home windows.
“Not like single-model approaches, the harness orchestrates greater than 100 specialised AI brokers throughout an ensemble of frontier and distilled fashions to find, debate, and show exploitable bugs end-to-end,” Taesoo Kim, vice chairman of agentic security at Microsoft, stated.
MDASH is envisioned as a “structured pipeline” that ingests a codebase and produces validated, confirmed findings by a sequence of actions.
It begins with analyzing the supply code to construct a menace mannequin and assault floor, operating specialised “auditor” brokers over candidate code paths to flag potential points, operating a second set of “debater” brokers that validate the findings, grouping semantically equal findings, after which lastly proving the existence of the vulnerabilities.
The system is powered by a configurable panel of fashions, with state-of-the-art (SOTA) fashions used for reasoning, distilled fashions for validation for high-volume passes, and a second separate SOTA mannequin for unbiased counterpoint.
“Disagreement between fashions is itself a sign: when an auditor flags one thing as suspect and the debater cannot refute it, that discovering’s posterior credibility goes up,” Microsoft defined. “An auditor doesn’t motive like a debater, which doesn’t motive like a prover. Every pipeline stage has its personal function, immediate regime, instruments, and cease standards.”
Redmond famous that the specialised brokers have been constructed based mostly on previous frequent vulnerabilities and exposures (CVEs) and their patches. It additionally stated the structure permits for portability throughout mannequin generations.
MDASH has already been put to check, unearthing 16 of the vulnerabilities that have been fastened on this month’s Patch Tuesday launch. The shortcomings span throughout the Home windows networking and authentication stack, together with two vital flaws that might pave the best way for distant code execution –
- CVE-2026-33824 (CVSS rating: 9.8) – A double-free vulnerability in “ikeext.dll” that might enable an unauthenticated attacker to ship specifically crafted packets to a Home windows machine with Web Key Trade (IKE) model 2 enabled, resulting in distant code execution.
- CVE-2026-33827 (CVSS rating: 8.1) – A race situation vulnerability in Home windows TCP/IP (“tcpip.sys”) that permits an unauthorized attacker to ship a specifically crafted IPv6 packet to a Home windows node the place IPSec is enabled, resulting in distant code execution exploitation.
Information of MDASH follows the debut of Anthropic’s Mission Glasswing and OpenAI Dawn, each of that are AI-powered cybersecurity initiatives for accelerating vulnerability discovery, validation, and remediation earlier than they are often found by unhealthy actors.
“The strategic implication is obvious: AI vulnerability discovery has crossed from analysis curiosity into production-grade protection at enterprise scale, and the sturdy benefit lies within the agentic system across the mannequin fairly than any single mannequin itself,” Kim stated.
