Microsoft has built an AI security system called 'MDASH' to be used for detecting vulnerabilities in Windows.

Microsoft has announced MDASH , an agent-based vulnerability detection and remediation system. It is described as a series of systems that use multiple AI models to investigate and fix vulnerabilities in a step-by-step manner.

Defense at AI speed: Microsoft's new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog

MDASH stands for 'Microsoft Security multi - model artificials scanning harness , ' and it's a system that uses multiple AI models to scan for exploitable bugs.

MDASH investigates vulnerabilities in five stages: a 'preparation phase' that takes in sources and creates attack surface and threat models; a 'scanning phase' that runs more than 100 specialized audit agents and outputs vulnerability candidates with hypotheses and evidence; a 'verification phase' that runs a second agent as a discussant to debate vulnerabilities; a 'deduplicating phase' that integrates semantically equivalent findings; and a 'proof phase' that activates triggers to prove the existence of vulnerabilities.

At each stage, the AI models perform their roles accordingly. For example, the audit agent does not engage in discussion, and the argumentation agent does not provide proof. This allows the inconsistency in the findings between the models to be used as a signal of vulnerability, thereby increasing the reliability of the discovery.

Microsoft had MDASH analyze a sample driver and found all 21 anticipated vulnerabilities. Because the driver's source code is not publicly available on the internet, it was confirmed that even vulnerabilities encountered for the first time by the AI involved in the verification process could still function effectively.

Microsoft also investigated vulnerabilities in Windows and identified 16 vulnerabilities. These vulnerabilities are reportedly fixed in the Windows Update on May 12, 2026. Microsoft points out that 'some of these vulnerabilities utilize multiple flows, making them difficult to track and prone to being missed with a single model.'

In addition, MDASH reportedly demonstrated a 96% rediscovery rate in 28 past cases over a five-year period. Microsoft commented, 'The industry has now reached a stage where AI-powered vulnerability detection is no longer mere speculation but an engineering challenge. These findings, along with the results of the past five years of research, demonstrate that AI-powered vulnerability detection can be deployed at scale.'

MDASH is being offered as a limited private preview, and we are currently accepting requests from registered users.