Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it is being tested by some customers as part of a limited private preview.
MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability classes to autonomously discover, validate, and prove exploitable defects in complex codebases like Windows.
“Unlike single-model approaches, the harness orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to discover, debate, and prove exploitable bugs end-to-end,” Taesoo Kim, vice president of agentic security at Microsoft, said.
MDASH is envisioned as a “structured pipeline” that ingests a codebase and produces validated, proven findings through a series of actions.
It starts by analyzing the source code to build a threat model and attack surface, then runs specialized “auditor” agents over candidate code paths to flag potential issues, runs a second set of “debater” agents that validate the findings, groups semantically equivalent findings, and finally proves the existence of the vulnerabilities.
The system is powered by a configurable panel of models, with state-of-the-art (SOTA) models used for reasoning, distilled models for validation in high-volume passes, and a second, separate SOTA model for independent counterpoint.
“Disagreement between models is itself a signal: when an auditor flags something as suspect and the debater cannot refute it, that finding’s posterior credibility goes up,” Microsoft explained. “An auditor doesn’t reason like a debater, which doesn’t reason like a prover. Each pipeline stage has its own role, prompt regime, tools, and stop criteria.”
Redmond noted that the specialized agents were built based on past common vulnerabilities and exposures (CVEs) and their patches. It also said the architecture allows for portability across model generations.
MDASH has already been put to the test, unearthing 16 of the vulnerabilities that were fixed in this month’s Patch Tuesday release. The shortcomings span the Windows networking and authentication stack, including two critical flaws that could pave the way for remote code execution:
- CVE-2026-33824 (CVSS score: 9.8): A double-free vulnerability in “ikeext.dll” that could allow an unauthenticated attacker to send specially crafted packets to a Windows machine with Internet Key Exchange (IKE) version 2 enabled, leading to remote code execution.
- CVE-2026-33827 (CVSS score: 8.1): A race condition vulnerability in Windows TCP/IP (“tcpip.sys”) that allows an unauthorized attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, leading to remote code execution.
News of MDASH follows the debut of Anthropic’s Project Glasswing and OpenAI Dawn, both of which are AI-powered cybersecurity initiatives for accelerating vulnerability discovery, validation, and remediation before they can be discovered by bad actors.
“The strategic implication is clear: AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself,” Kim said.


