[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fi0Gz2FubMBzPEVwMU4pPU2Ylhz-byEgbh7ZIo67eZm8":3},{"article":4,"iocs":56},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"4db81389-bd70-4244-960e-8a1536bfb345","Beyond the benchmark: Advancing security at AI speed","beyond-the-benchmark-advancing-security-at-ai-speed-d62228","Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into real-world workflows across Windows, Azure, and identity systems. The post Beyond the benchmark: Advancing security at AI speed appeared first on Microsoft Security Blog.","Microsoft Security has integrated its AI-powered vulnerability detection system, codenamed MDASH, into production workflows across Windows, Azure, and identity systems. The system uses specialized AI agents to discover, validate, and help remediate vulnerabilities, aiming to shorten the time between code shipment and security review. This advancement allows security teams to analyze complex codebases like the Windows kernel and Azure infrastructure with greater depth and scale than traditional methods.","Microsoft Security advances agentic vulnerability detection system MDASH for real-world workflows.","Every vulnerability has two clocks running. One belongs to the defender racing to find it; the other to the cyberattacker hoping to find it first. For as long as software has existed, those clocks have favored the attacker, because modern code is vast, interconnected, and changing every day, while security reviews happen at fixed moments in time. The space between “code shipped” and “code reviewed” is where risk quietly accumulates. 
A few months ago, we set out to reshape that timing. We introduced codename MDASH, Microsoft Security’s multi-model agentic scanning system, built to discover, validate, and help remediate software vulnerabilities end-to-end. The goal was straightforward to articulate and hard to execute: take AI-powered vulnerability discovery and remediation capability from a research project and turn it into production-grade defense at enterprise scale. That meant going beyond pattern matching and building a system that could reason through the complexity of proprietary code and platforms like Windows, Hyper-V, Azure, and identity systems.

Rather than rely on any single model, the system orchestrates a panel of specialized AI agents, each with its own role in a structured pipeline, so security teams can surface hard bugs quickly and systematically, expanding the reach of human-led review. Findings flow into Microsoft Defender workflows, where they can be prioritized alongside threat intelligence and runtime signals, and into GitHub and Azure DevOps pipelines, where they can be validated and remediated: a closed loop connecting discovery, validation, proof, and fix across the Microsoft stack.

When we introduced the system, it topped a leading industry benchmark. That was the announcement, and the starting line. In the weeks since, the system has moved from early capability validation into active use by Microsoft engineering teams across Windows, Azure, and identity systems, applied as part of real security workflows rather than isolated testing environments.

This post explores what we have built since, the lessons we’ve learned from turning research into a production-quality system, and the opportunities ahead as we focus on delivering real-world security impact.

From the lab into the pipeline

The most meaningful change since launch is where the system is being used. 
Engineering teams across Windows, Azure, and identity systems are now applying the system as part of their security workflows, running it alongside existing processes and reviews, targeting it at the surfaces that are hardest to audit manually and have historically required the most effort to cover. The goal is to use AI-driven analysis to go deeper, earlier, and across a broader set of targets than traditional approaches allow.

The surfaces in scope are among the most complex Microsoft builds:

- Windows, the kernel, Hyper-V, and the networking stack
- Azure, virtualization and core infrastructure services
- Identity, Active Directory Domain Services

These are not easy targets. They are the deep layers of the platform, components where reasoning about code requires understanding kernel calling conventions, object lifetime invariants, and trust boundaries that no language model encountered in its training data. A single overlooked flaw at this layer can have outsized consequences. The system is not replacing security teams working at this depth. It is giving them meaningful reach into territory they could not cover alone.

“Codename MDASH has enabled our security team to perform vulnerability hunting at the scale of Windows with a much higher depth of analysis than was previously possible.” —Windows security team (kernel, Hyper-V, networking stack)

This is also where the system fits into Microsoft’s existing DevSecOps story. It is not a standalone scanner bolted onto the side of engineering—it plugs into the tools teams already use. Validated findings surface as code scanning alerts in GitHub Advanced Security (GHAS), appearing inline on pull requests and in the repository’s security tab so engineers triage them in the same place they review code. The same findings flow into Azure DevOps, where they can gate pipeline builds and open work items for remediation, and into Microsoft Defender, where they are prioritized alongside threat intelligence and runtime signals. 
Discovery is only the entry point: because a finding travels the same path as every other code change—with an owner, a pull request, and a fix on the other side—it lands as actionable engineering work rather than stalling in a backlog. The effect is to strengthen the software development lifecycle from the inside, not to add one more tool for teams to tend.

This month’s set of discoveries

The measure of any security system is what it catches. This month’s Patch Tuesday cohort includes a set of vulnerability discoveries across the Windows ecosystem, Hyper-V, the Windows kernel, Active Directory Domain Services, Remote Desktop Client, HTTP.sys, DNS Client, and DHCP Client, spanning exploit classes including remote code execution, elevation of privilege, and information disclosure.

The range of attack vectors is significant. Several findings involve high-severity remote code execution vulnerabilities in core infrastructure layers that are difficult to scrutinize using manual approaches alone. Others surface more subtle issues, such as privilege escalation through DNS components and information disclosure through DHCP client behavior, that reflect the power of code-centric reasoning applied across many targets simultaneously. Each was identified before exploitation, in areas of the codebase that would traditionally demand significant manual effort to review. 

| CVE ID | Component | Type | Exploit Class | CVSS (Common Vulnerability Scoring System) |
| --- | --- | --- | --- | --- |
| CVE-2026-45607 | Windows Hyper-V | Out-of-bounds Read | Remote Code Execution | 8.4 |
| CVE-2026-45641 | Windows Hyper-V | Type Confusion | Remote Code Execution | 8.4 |
| CVE-2026-47652 | Windows Hyper-V | Heap-based Buffer Overflow | Remote Code Execution | 8.2 |
| CVE-2026-41108 | Windows DNS Client | Heap-based Buffer Overflow | Elevation of Privilege | 7.0 |
| CVE-2026-45608 | Windows DHCP Client | Out-of-bounds Read | Information Disclosure | 6.8 |
| CVE-2026-45634 | Windows DHCP Client | Out-of-bounds Read | Information Disclosure | 5.5 |
| CVE-2026-45648 | Windows Active Directory Domain Services | Stack-based Buffer Overflow | Remote Code Execution | 8.8 |
| CVE-2026-47289 | Remote Desktop Client | Heap-based Buffer Overflow | Remote Code Execution | 8.8 |
| CVE-2026-45657 | Windows Kernel | Use-after-free | Remote Code Execution | 9.8 |
| CVE-2026-47291 | HTTP.sys | Integer Overflow | Remote Code Execution | 9.8 |

Beyond the headline: What the engineering work taught us

How the system improved

To improve a system, you have to measure it. CyberGym, an industry benchmark built on 1,507 real-world vulnerabilities, gave us a way to iterate quickly and see exactly where we were getting better. Since the initial announcement, we evolved the system significantly: new capabilities added, and the entire pipeline rebuilt based on customer feedback, CyberGym evaluation results, and extensive internal testing. The latest version has achieved 96.5% (any crash) on CyberGym, including both target and non-target vulnerabilities.

The gains were concentrated in the earliest stages of the pipeline: prepare and scan. These are foundational. Improvements there directly raise the quality of everything downstream, such as validation and proof generation, where precise understanding of the codebase and accurate exploration are critical. Specifically:

Sharper scoping. The system now more clearly distinguishes the code under audit from contextual code, defining dependencies based on their role rather than their origin. 
Later stages can focus on what matters, improving both efficiency and signal quality. More comprehensive threat modeling. The system has a fuller view","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F06\u002F17\u002Fbeyond-the-benchmark-advancing-security-at-ai-speed\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002FMS_Actional-Insights_Malware-ransomware-2.jpg","2026-06-17T19:30:00+00:00","2026-06-17T22:00:19.478102+00:00",7,[18,21,24,27,29,31],{"name":19,"type":20},"MDASH","product",{"name":22,"type":23},"Microsoft","vendor",{"name":25,"type":26},"AI","technology",{"name":28,"type":20},"Microsoft Defender",{"name":30,"type":20},"Windows",{"name":32,"type":20},"Azure","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":33,"icon":35,"name":36,"slug":37},null,"Threat Intelligence","threat-intelligence",[39,44,49,54],{"category":40},{"id":41,"icon":35,"name":42,"slug":43},"02371804-cf6d-4449-98de-f1a2d4d9b266","Tools","tools",{"category":45},{"id":46,"icon":35,"name":47,"slug":48},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":50},{"id":51,"icon":35,"name":52,"slug":53},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":55},{"id":33,"icon":35,"name":36,"slug":37},[]]