Microsoft’s New MDASH Multi-Model AI System Hunts Vulnerabilities at Hyper-Scale

Microsoft is ramping up its efforts on AI-based cybersecurity solutions to a huge extent. Right after OpenAI announced its Daybreak initiative, Microsoft has unveiled MDASH, which stands for Multi-Model Agentic Security Hub. The company explains that this model has the capability of discovering software vulnerabilities even before the threat actors make use of them.

This new model apparently helped to identify a total of 16 vulnerabilities in Windows networking and authentication elements, four of them being severe remote code execution issues related to tcpip.sys and IKEv2 service.

MDASH finds 16 Windows vulnerabilities via more than 100 AI agents

MDASH apparently involves the usage of more than 100 AI agents, which work together on various frontier and distilled models. According to Microsoft, those agents can independently detect bugs, debate exploitability, validate results, and even develop proof-of-concept attacks.

Also, Microsoft published some aggressive benchmark numbers. Per the company, MDASH detected all 21 injected vulnerabilities in a private test driver without any false positives. In addition, MDASH attained 96% recall for five years of validated Microsoft Security Response Center cases in clfs.sys and 100% recall in tcpip.sys.

That’s not all; MDASH scored 88.45% on the public CyberGym vulnerability benchmark for 1,507 publicly disclosed vulnerabilities. This score puts MDASH about five points ahead of the nearest competitor on the leaderboard.

Not to mention, the findings are significant. Microsoft says the system detected multiple remotely exploitable vulnerabilities in tcpip.sys, dnsapi.dll, netlogon.dll, and ikeext.dll. Some vulnerabilities permitted unauthenticated remote code execution, while others facilitated denial-of-service attacks or security bypasses. The patches were released through recent Patch Tuesday updates.

In an era where tech companies are rapidly developing their own autonomous agents, it seems that cybersecurity is becoming one of the most important testing grounds for the industry. To catch you up, Anthropic also recently announced its cybersecurity model, Mythos, as part of Project Glasswing.

According to the company, MDASH has already been rolled out both internally and through a restricted private beta test among select customers.