Microsoft unveils MDASH, its AI agent-driven security platform — and it's already spotted a host of new Windows flaws

News
By published

100 AI agents worked in unison to discover 16 flaws

Big letters AI in pink in front of pink and blue strands of light suggesting a digital explosion
(Image credit: Getty Images)
  • Microsoft unveiled MDASH, an AI‑powered vulnerability discovery platform orchestrating 100+ agents
  • MDASH found 16 new Windows flaws, including four critical RCEs (CVE‑2026‑33827 in tcpip.sys and CVE‑2026‑33824 in IKEv2) patched in May updates
  • Platform showed high accuracy with zero false positives in testing, now used internally and in private preview

Microsoft has announced MDASH, its newest AI-powered cybersecurity platform, which has reportedly already helped it discover 16 previously unknown vulnerabilities in different Windows components, including two critical-severity remote code execution vulnerabilities.

Built by Microsoft’s Autonomous Code Security Team and the Windows Attack Research and Protection group, MDASH is short for Multi-Model Agentic Scanning Harness and works by orchestrating more than 100 specialized AI agents.

The 16 vulnerabilities MDASH recently spotted were discovered in the Windows TCP/IP stack, the IKEEXT IPsec service, HTTP.sys, Netlogon, DNS resolution, and the Telnet client. Ten were kernel-mode, and six user-mode. Theoretical threat actors could have reached most of them, unauthenticated, remotely, it was said.

Latest Videos From

Avoiding false positives

Kim explained that of the 16 flaws, four were rated critical severity. One of them, described as a remote unauthenticated use-after-free in tcpip.sys, is now tracked as CVE-2026-33827. Another one, tracked as CVE-2026-33824, was described as a double-free in the IKEv2 service reachable over UDP port 500.

Microsoft also claims MDASH is great at avoiding false positives. During testing, the researchers planted 21 vulnerabilities, and MDASH allegedly found all of them with zero false positives.

“96% recall against five years of confirmed Microsoft Security Response Center (MSRC) cases in clfs.sys and 100% in tcpip.sys; and an industry-leading 88.45% score on the public CyberGym benchmark of 1,507 real-world vulnerabilities—the top score on the leaderboard, roughly five points ahead of the next entry,” Microsoft’s VP for Agentic Security, Taesoo Kim explained.

The platform is currently being used internally, by Microsoft’s engineers, and is being tested by a small set of customers in a private preview.

“AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself,” Kim concluded.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.