Security

Microsoft expands AI vulnerability scanning to Windows

3 min read
Abstract geometric representation of a digital shield made of interconnected glowing nodes over a stylized code surface Image generated with GPT Image 2
Abstract geometric representation of a digital shield made of interconnected glowing nodes over a stylized code surface

TL;DR Too Long; Didn’t read

On July 9, 2026, Microsoft announced in the Windows Experience Blog that it will permanently and broadly roll out AI-based vulnerability detection and remediation across the entire Windows code. The core is MDASH ("multi-model agentic scanning harness"), a system introduced on May 12, 2026, consisting of over 100 specialized AI agents, which according to Microsoft found 16 vulnerabilities during the May Patch Tuesday, including two critical remote code execution flaws (CVE-2026-33824 in ikeext.dll, CVE-2026-33827 in tcpip.sys). Microsoft expects more, but more targeted security updates in the future and advises risk-based rather than calendar-based patch management. Human review of code and releases remains mandatory according to the company. The hit rates and benchmark values have so far been exclusively from Microsoft itself and are independently unverified.

Key takeaways

  • On July 9, 2026, Microsoft announced in the Windows Experience Blog that it will expand AI-based vulnerability detection and remediation across all of Windows, no longer just as a pilot project.
  • The centerpiece is MDASH ("multi-model agentic scanning harness"), a system of over 100 specialized AI agents that Microsoft’s Autonomous Code Security Team first introduced on May 12, 2026.
  • During the May 2026 Patch Tuesday, Microsoft attributed 16 of the resolved vulnerabilities to MDASH, including at least two critical remote code execution flaws in Windows network and authentication components.
  • Microsoft expects more, but more targeted security updates in the future and advises organizations to switch to risk-based rather than rigid monthly patch management.
  • Human review remains mandatory according to Microsoft: code review, risk assessment, and approval of fixes continue to lie with employees, secured through the Security Update Validation Program and Known Issue Rollback.
  • The benchmark and hit numbers published by Microsoft regarding MDASH have not yet been independently verified; reports from BleepingComputer and Petri largely adopt Microsoft’s own representation.

Microsoft announced on July 9, 2026, in the Windows Experience Blog that it will permanently and broadly integrate AI-powered tools for vulnerability detection and remediation into the development of Windows. Until now, the use of such systems has been rather sporadic; in the future, it is intended to become a fixed part of the development process. As a direct consequence, the company announces that customers should expect a higher number of security updates because more vulnerabilities will be found before they can be exploited.

What Microsoft is changing specifically

At the center of the announcement is MDASH, short for “multi-model agentic scanning harness.” As Microsoft describes in the Security Blog, the system orchestrates over 100 specialized AI agents from an ensemble of frontier and distilled models. Instead of using a single model for all tasks, the code goes through a five-stage pipeline: Preparation (analysis of source code and threat models), Scan (specialized testing agents identify candidates), Validation (further agents assess exploitability and reachability), Deduplication (content-wise identical findings are merged), and finally Proof, where the system actively constructs inputs to dynamically confirm a flaw.

MDASH was already introduced on May 12, 2026, by Taesoo Kim, Vice President for Agentic Security at Microsoft, as a project of the company’s own Autonomous-Code-Security team. The announcement on July 9 now makes it no longer a prototype but a fixed component of Windows security work.

What MDASH is said to have found so far

According to Microsoft, MDASH contributed to 16 of the vulnerabilities fixed in May 2026 during Patch Tuesday. Among them, according to consistent reports, were at least two critical remote code execution vulnerabilities: CVE-2026-33824, a double-free error in ikeext.dll as part of IKEv2, and CVE-2026-33827, a race condition error in tcpip.sys. The affected components were primarily parts of the Windows network and authentication stacks. There are slightly differing reports in the available sources regarding the exact breakdown between critical and less severe findings; there is no independent, uniform confirmation of the complete list.

Among the benchmark results published by Microsoft are a success rate of 88.45 percent on the public CyberGym test set with 1,507 real vulnerabilities, as well as 21 out of 21 correctly identified, deliberately placed vulnerabilities in an internal test system without false alarms. These figures come exclusively from the company itself.

What changes for users and administrators

Microsoft advises organizations to shift from rigid, calendar-based patch cycles to a risk-based, continuous approach. Staged rollout rings, early testing of preview versions, and the use of tools such as Windows Autopatch, Microsoft Intune, Azure Arc, and Azure Update Manager are recommended. As a safety net in case of faulty updates, Microsoft refers to the Known Issue Rollback feature, which allows problematic changes to be reverted, as well as internal tests as part of the Security Update Validation Program.

Microsoft explicitly emphasizes that humans continue to bear the responsibility for code review, risk assessment, and the final approval of fixes. AI systems like MDASH are intended to identify vulnerabilities and provide suggestions, but the final decision remains with the Windows development teams.

Independent assessment

Reports from BleepingComputer and the Petri IT Knowledgebase confirm the basic outlines of the announcement but do not provide their own verification of the figures cited by Microsoft. Both articles point out that there are no available false positive rates or independent measurements of the actual acceleration of vulnerability detection. BleepingComputer also notes that attackers are increasingly using AI tools to find and exploit vulnerabilities—a race that the Microsoft announcement itself does not address.

Assessment

The announcement fits into a broader trend where large software vendors are increasingly using AI systems for automated debugging of their own code. For Microsoft, as the operator of one of the most widely used operating systems, this is a balancing act: More found vulnerabilities potentially mean less attack surface, but also more and more frequent updates that administrators must implement. Whether the hit rates reported by Microsoft and the low false alarm rate will hold up under independent scrutiny remains to be seen.

Frequently asked questions

What did Microsoft announce on July 9, 2026?

Microsoft announced in the Windows Experience Blog that it will integrate AI-based tools for vulnerability detection and remediation firmly into Windows development, rather than using them only sporadically. As a result, the company expects a higher number of security updates in the future.

What is MDASH?

MDASH stands for "multi-model agentic scanning harness" – a system that orchestrates over 100 specialized AI agents in a five-stage pipeline (preparation, scan, validation, deduplication, proof) to find and confirm vulnerabilities in the code. It was introduced on May 12, 2026, by Taesoo Kim, Microsoft’s Vice President for Agentic Security.

How many vulnerabilities has MDASH already found?

According to Microsoft and corroborating media reports, the company attributed 16 of the resolved vulnerabilities to MDASH during the May 2026 Patch Tuesday, including the critical flaws CVE-2026-33824 (Ikeext.dll/IKEv2) and CVE-2026-33827 (tcpip.sys). Exact, independently verified numbers on hit rates or false positive rates are not available.

Does this mean that AI now decides alone about Windows security updates?

No. Microsoft emphasizes that code review, risk assessment, and the final approval of fixes continue to lie with human employees. Additionally, the Security Update Validation Program and the Known Issue Rollback feature are intended to cushion or reverse faulty changes.

What should IT administrators do now?

Microsoft recommends moving away from rigid, calendar-based patch cycles towards risk-based, continuous patch management – for example, with staggered rollout rings, preview versions, and tools like Windows Autopatch, Microsoft Intune, and Azure Update Manager.


← Back to the blog