Microsoft expects more Windows security updates from AI-discovered flaws
Microsoft expects more Windows security updates due to AI-driven vulnerability discovery.
Summary
Microsoft is increasing its reliance on AI to discover vulnerabilities in Windows, leading to an expected rise in security updates. The company's AI system, MDASH, scans code and validates findings, with human engineers still overseeing fixes. This proactive approach aims to identify flaws before they can be exploited as zero-days, while also adapting the Secure Development Lifecycle to counter AI-enabled attack techniques.
Full text
Microsoft expects more Windows security updates from AI-discovered flaws By Lawrence Abrams July 9, 2026 01:00 PM 0 Microsoft says Windows users should expect to see an increase in security updates as the company increasingly relies on artificial intelligence to discover vulnerabilities in its codebase. In a blog post published today, Microsoft said advances in AI have significantly accelerated vulnerability discovery, allowing engineers to identify more security issues before they can be exploited in zero-day attacks. "The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code, with new mechanisms that can accelerate both discovery and analysis," Microsoft said. As part of this approach, the company is using Microsoft Security's multi-model agentic scanning harness (MDASH), an AI-powered vulnerability discovery system previously detailed by Microsoft, which scans critical binaries and validates potential vulnerabilities using multiple AI models. Microsoft says the system scans critical Windows binaries for vulnerabilities and then validates the findings using multiple AI models. Vulnerability candidates are then passed through a second Windows-specific validation pipeline designed to eliminate false positives before engineers investigate the issues. The company says it is also using AI to help engineers understand failures more quickly, suggest possible bug fixes, and identify similar bugs elsewhere in the Windows source code. However, Microsoft says human engineers will still oversee and review all proposed code and validate fixes before they are released into production. Microsoft says the increased use of AI for vulnerability discovery means customers are likely to see more security updates to address newly discovered vulnerabilities in each monthly Patch Tuesday release. "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release," says Microsoft. Artificial intelligence is used not only to find and fix vulnerabilities but also by threat actors to power their attacks and exploit zero-day flaws before they are fixed. Due to this, Microsoft also announced today that it is updating its Secure Development Lifecycle (SDL) practices to account for AI-enabled attack techniques and to use AI earlier in the software development process to identify security issues before features are released. This announcement comes two days after Reuters reported that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has begun using Anthropic's Fable AI model to scan government software for vulnerabilities that cybercriminals or foreign intelligence services could exploit. According to the report, the AI-assisted code audits have already uncovered numerous vulnerabilities, though officials did not disclose how many or provide details on their severity. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flawsMicrosoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysXBOW tests Anthropic's Mythos Preview for offensive security73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous ValidationWebinar tomorrow: Why modern email attacks require a new approach to defense