Microsoft MDASH finds Windows security flaws with AI | ETIH EdTech News — EdTech Innovation Hub


Microsoft says a new agentic AI security system has helped its researchers find 16 vulnerabilities across Windows networking and authentication systems, including four Critical flaws that could allow remote code execution.

The system, codenamed MDASH, was built by Microsoft’s Autonomous Code Security team and is now being used by Microsoft security engineering teams. It is also being tested by a small group of customers through a limited private preview.

The findings were included in Microsoft’s 12 May 2026 Patch Tuesday update, the company’s regular monthly release of security fixes. For developers, cybersecurity teams, and computer science educators, the announcement gives a clearer view of how AI is being used not only to write code, but to inspect it, challenge it, and find weaknesses before attackers can exploit them.

How Microsoft’s AI security system works

MDASH is what Microsoft calls a multi-model agentic scanning harness. In simpler terms, it is a system that uses many AI agents to examine code from different angles, rather than relying on one model to find problems on its own.

Microsoft says MDASH uses more than 100 specialised AI agents across multiple types of AI models. Some agents look for possible bugs. Others test whether those findings are real. Others compare similar code patterns, remove duplicate findings, or try to prove that a vulnerability can actually be triggered.

That matters because cybersecurity teams do not only need a list of possible problems. They need to know which issues are real, how serious they are, and whether they can be reproduced. A tool that produces too many weak findings can create more work for engineers rather than reducing risk.

Microsoft describes MDASH as a pipeline that takes a codebase, identifies areas that could be attacked, scans those areas, checks whether the findings hold up, removes duplicate reports, and then attempts to prove the bug where possible.

The company’s central argument is that the surrounding system is as important as the AI model itself. In other words, MDASH is not just asking one model to “find bugs.” It is using a structured process that mirrors parts of how human security researchers investigate complex software.

Windows flaws added to Patch Tuesday

Microsoft says MDASH helped researchers identify 16 vulnerabilities across Windows networking and authentication components. These included issues in tcpip.sys, which is part of the Windows TCP/IP networking stack, and IKEEXT, a Windows service used for Internet Key Exchange and IPsec connections.

Four of the issues were rated Critical because they involved remote code execution. This means that, in some cases, an attacker could potentially run code on a target system without having physical access to the machine.

Most of the vulnerabilities were reachable from a network position without credentials, according to Microsoft. That makes them more serious than issues that require an attacker to already have access to a machine or account.

Microsoft highlighted two examples. One flaw, tracked as CVE-2026-33827, involved tcpip.sys and could be triggered through specially crafted IPv4 packets. The issue was a use-after-free bug, which means software continued to use memory after it should no longer have been available. Bugs like this can sometimes be exploited to crash systems, expose information, or run code.

The second, CVE-2026-33824, affected IKEEXT. Microsoft says the bug could be triggered through two UDP packets in certain IKEv2 responder configurations. The issue involved a double-free, another memory management error where the same piece of memory is released twice, potentially creating a path to code execution.

The important point is not only that the system found bugs. Microsoft says these flaws required reasoning across multiple files, code paths, and ownership patterns. That is the kind of work that traditional scanners and single-model AI systems can struggle with.

Benchmarks show where AI security is heading

Microsoft says MDASH found all 21 planted vulnerabilities in a private test driver with zero false positives. It also reports 96 percent recall against five years of confirmed Microsoft Security Response Center cases in clfs.sys and 100% recall in tcpip.sys.

The recall figures mean the system was tested against older, already confirmed vulnerabilities to see whether it would have found them. Microsoft says the results show MDASH would have identified a high proportion of those earlier flaws.

On CyberGym, a public benchmark made up of 1,507 real-world vulnerability reproduction tasks, Microsoft says MDASH reached an 88.45 percent success rate. The company says this was the highest published leaderboard score at the time of writing and around 5 points above the next entry.

Microsoft is not claiming that the same performance will automatically apply to every future codebase. The company says the historical tests show how the system would have performed on known past vulnerabilities, while the Patch Tuesday group shows how it is being used in current Microsoft security work.

The Autonomous Code Security team includes members who came from Team Atlanta, which won the DARPA AI Cyber Challenge by building an autonomous cyber-reasoning system that found and patched bugs in open-source projects. Microsoft says lessons from that work helped shape MDASH.

MDASH is now in use inside Microsoft security engineering teams and is being tested by customers in a limited private preview. The next question for software teams, universities, and cybersecurity training providers is how quickly AI-assisted vulnerability discovery becomes part of standard developer tooling, security operations, and technical education.