Microsoft Corp. today detailed a new artificial intelligence-powered vulnerability discovery system that uncovered 16 previously unknown flaws in Windows networking and authentication components, including four critical remote code execution bugs patched in this month’s Patch Tuesday release.

The system, codenamed MDASH for multi-model agentic scanning harness, was built by Microsoft’s Autonomous Code Security team in collaboration with the company’s Windows Attack Research and Protection group. MDASH orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to find, debate and prove exploitable bugs from end to end.

The 16 vulnerabilities span the Windows TCP/IP stack, the IKEEXT IPsec service, HTTP.sys, Netlogon, DNS resolution and the Telnet client.

Ten of the vulnerabilities were kernel-mode and six were user-mode, and most were reachable from a network position without credentials.

Among the four rated critical are CVE-2026-33827, a remote unauthenticated use-after-free in tcpip.sys triggered by crafted IPv4 packets carrying the Strict Source and Record Route option, and CVE-2026-33824, a double-free in the IKEv2 service reachable over UDP port 500 that yields code execution as LocalSystem.

The vulnerabilities were also not the kind a single-pass scanner would typically surface. The tcpip.sys flaw involved a reference-counted Path object whose ownership was dropped before a later reuse, with three independent concurrent free paths in play. The IKEEXT double-free vulnerability spanned six source files and was only visible when contrasted against a correctly handled site elsewhere in the same code base.

Microsoft also disclosed benchmark results to back claims that the harness is performing at production scale.

On a private test driver called StorageDrive containing 21 planted vulnerabilities, MDASH identified all 21 with zero false positives. Against five years of confirmed Microsoft Security Response Center cases, the system recorded 96% recall on clfs.sys and 100% on tcpip.sys. On the public CyberGym benchmark, which covers 1,507 real-world vulnerability reproduction tasks drawn from 188 open-source projects, MDASH scored 88.45%, the top result on the leaderboard and roughly five points ahead of the next entry.

The architecture runs the work as a pipeline of prepare, scan, validate, dedup and prove stages, with specialized agent roles at each step. State-of-the-art models handle heavy reasoning, distilled models act as cost-effective debaters for high-volume passes and a separate frontier model provides an independent counterpoint. Domain plugins inject context the foundation models cannot infer on their own, including kernel calling conventions, lock invariants and interprocess communication trust boundaries.

Taesoo Kim, vice president of agentic security at Microsoft, wrote in the company’s announcement that the durable advantage in AI-driven vulnerability discovery lies in the agentic system around the model rather than any single model. Several members of the Autonomous Code Security team came from Team Atlanta, the group that won first place in the $20 million DARPA AI Cyber Challenge by building an autonomous cyber-reasoning system that found and patched real bugs in open-source projects.

MDASH is already being used internally by Microsoft engineering teams and is being tested by a limited set of customers as part of a private preview.
