Microsoft’s new AI program detects 16 Windows vulnerabilities, including four critical RCEs

Microsoft has unveiled a new AI-driven vulnerability detection program that has identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws, in what security analysts say could mark a major shift in the way software vulnerabilities are found and fixed.
The program, codenamed MDASH, was developed by Microsoft’s Autonomous Code Security team alongside the Windows Attack Research and Protection team.
The platform will roll out in private preview to business customers next month, Microsoft said in a blog post announcing the program.
The vulnerabilities were documented as part of Microsoft’s May 12 Patch Tuesday release.
“Cyber defenders are facing an increasingly asymmetric war,” Microsoft added in a blog post. “Attackers use AI to increase the speed, scale and sophistication of attacks.”
Important Windows components affected
Four critical vulnerabilities affected core Windows components widely deployed in enterprise environments, Microsoft said in a blog post.
Among them was CVE-2026-33827, an unapproved exploit vulnerability in the Windows IPv4 stack that is reachable through specially crafted packets carrying the Strict Source and Record Route option, Microsoft said.
Another bug, CVE-2026-33824, involved a pre-emptive two-factor authentication issue in the IKEEXT service affecting RRAS VPN, DirectAccess, and Always-On VPN deployments.
Two additional critical flaws affected Netlogon and the Windows DNS Client, both of which carried a CVSS score of 9.8.
The remaining 12 vulnerabilities rated “Critical” include denial of service, elevation of privilege, information disclosure, and security feature errors affecting components such as tcpip.sys, http.sys, ikeext.dll, and telnet.exe, according to Microsoft.
How MDASH organizes AI agents
According to Microsoft, MDASH orchestrates more than 100 specialized AI agents across different models, with each agent assigned a different level of risk detection.
Some agents scan the source code for potential errors, others verify that the findings are correct, and another group tries to create triggering inputs that can reproduce the problem before the findings reach a human developer for review.
“The model is one installation. The system is the product,” Taesoo Kim, Microsoft’s vice president of agent security, wrote in a blog post.
Microsoft said the architecture is intentionally designed to remain model-agnostic, allowing the company to change the underlying AI models without rebuilding the extensive orchestration pipeline.
That detail is important because MDASH comes just weeks after Microsoft announced Project Glasswing, a partnership involving Anthropic and others to test AI-driven vulnerability discovery using Anthropic’s Claude Mythos Preview model.
“Microsoft now acts as a platform owner, security vendor, AI infrastructure player, OpenAI partner, Mythos developer, and agent security supplier,” said Sanchit Vir Gogia, senior analyst at Greyhound Research. “That’s a scary situation. It’s also a lot of influence that security leaders need to look at with bright eyes.”
AI vs AI is a race for vulnerability
The announcement also highlights growing concerns that AI-driven vulnerability discovery could accelerate offensive operations as well as defensive research.
Anthropic has previously said that its Mythos Preview model identified thousands of critical vulnerabilities, including a decades-old OpenBSD bug and an FFmpeg bug that traditional fuzzing tools failed to uncover despite millions of attempts.
“We entered the AI-versus-AI vulnerability race,” said Sunil Varkey, a consultant at Beagle Security. “The winners will no longer be the organizations with the best static scanning machines. They will be the ones that can quickly implement these systems by comparing their code and correcting at machine speed.”
Varkey said businesses should pursue early access to systems like MDASH where possible rather than waiting for wider commercial availability.
“Early access is not just a nice-to-have,” he said. “It’s becoming a necessity to protect yourself in the age of AI.”
For CISOs, the broader implication may be that vulnerability management is moving from periodic scanning to continuous, AI-assisted detection and remediation.
“The future belongs to a security team that can detect, verify, contain, and remediate in one commanding motion,” Gogia said.
Benchmarks show progress, but analysts urge caution
To support its claims, Microsoft published benchmark results showing MDASH identified all 21 deliberately planted vulnerabilities in an internal Windows test driver without false positives. The company also said that the program successfully recovered almost all of the historical cases the Microsoft Security Response Center tested against snapshots of older Windows components.
In CyberGym’s public benchmark for vulnerability reproduction tasks, Microsoft said MDASH scored 88.45%, topping the public leaderboard at press time.
Gogia said the results show the sector is growing but cautioned against treating benchmark scores as direct evidence of business value.
“CyberGym is a signal, not a purchase decision,” he said. “The machines around the model are starting to resemble the important work of security research.”
He added that many businesses still lack the governance maturity needed to operate automated risk detection effectively.
“Findings without correctional discipline are theater,” Gogia said. “It produces dashboards, not rigor.”



