Microsoft has unveiled a brand new multi-model synthetic intelligence (AI)-driven system referred to as MDASH to facilitate vulnerability discovery and remediation at scale, including that it is being examined by some clients as a part of a restricted non-public preview.
MDASH, quick for multi-model agentic scanning harness, is designed as a model-agnostic system that makes use of bespoke AI brokers for various vulnerability lessons to autonomously uncover, validate, and show exploitable defects in advanced codebases like Home windows.
“Not like single-model approaches, the harness orchestrates greater than 100 specialised AI brokers throughout an ensemble of frontier and distilled fashions to find, debate, and show exploitable bugs end-to-end,” Taesoo Kim, vice chairman of agentic safety at Microsoft, mentioned.
MDASH is envisioned as a “structured pipeline” that ingests a codebase and produces validated, confirmed findings by means of a collection of actions.
It begins with analyzing the supply code to construct a risk mannequin and assault floor, working specialised “auditor” brokers over candidate code paths to flag potential points, working a second set of “debater” brokers that validate the findings, grouping semantically equal findings, after which lastly proving the existence of the vulnerabilities.
The system is powered by a configurable panel of fashions, with state-of-the-art (SOTA) fashions used for reasoning, distilled fashions for validation for high-volume passes, and a second separate SOTA mannequin for unbiased counterpoint.
“Disagreement between fashions is itself a sign: when an auditor flags one thing as suspect and the debater cannot refute it, that discovering’s posterior credibility goes up,” Microsoft defined. “An auditor doesn’t purpose like a debater, which doesn’t purpose like a prover. Every pipeline stage has its personal position, immediate regime, instruments, and cease standards.”
Redmond famous that the specialised brokers have been constructed primarily based on previous frequent vulnerabilities and exposures (CVEs) and their patches. It additionally mentioned the structure permits for portability throughout mannequin generations.
MDASH has already been put to check, unearthing 16 of the vulnerabilities that had been fastened on this month’s Patch Tuesday launch. The shortcomings span throughout the Home windows networking and authentication stack, together with two important flaws that would pave the best way for distant code execution –
- CVE-2026-33824 (CVSS rating: 9.8) – A double-free vulnerability in “ikeext.dll” that would permit an unauthenticated attacker to ship specifically crafted packets to a Home windows machine with Web Key Trade (IKE) model 2 enabled, resulting in distant code execution.
- CVE-2026-33827 (CVSS rating: 8.1) – A race situation vulnerability in Home windows TCP/IP (“tcpip.sys”) that permits an unauthorized attacker to ship a specifically crafted IPv6 packet to a Home windows node the place IPSec is enabled, resulting in distant code execution exploitation.
Information of MDASH follows the debut of Anthropic’s Undertaking Glasswing and OpenAI Dawn, each of that are AI-powered cybersecurity initiatives for accelerating vulnerability discovery, validation, and remediation earlier than they are often found by unhealthy actors.
“The strategic implication is evident: AI vulnerability discovery has crossed from analysis curiosity into production-grade protection at enterprise scale, and the sturdy benefit lies within the agentic system across the mannequin somewhat than any single mannequin itself,” Kim mentioned.
