Microsoft's MDASH AI found 16 critical Windows flaws before hackers could exploit them
dailySecurity
Summary
Microsoft says its Multi-model Agentic Scanning Harness (MDASH) discovered 16 Windows vulnerabilities—patched on May 12—including four critical remote-code-execution flaws. Several were kernel-mode and reachable over the network without credentials; Microsoft highlighted CVE-2026-33827 and CVE-2026-33824 leading to LocalSystem execution. MDASH runs 100+ specialized agents that seek flaws, build exploit inputs for validation, and pass findings to human reviewers; Microsoft says it ranked top on a CyberGym benchmark and is in limited private preview.
Why it matters
Operational AI now finds and validates critical pre-auth vulnerabilities, shifting how organizations prioritize patches, test defenses, and adopt AI-driven security tooling.