MICROSOFT has unveiled MDASH, a multi-model agentic scanning harness designed to autonomously discover, validate, and prove exploitable defects in complex codebases like Windows, and it is being tested by some customers in a limited private preview. MDASH uses more than 100 specialised AI agents across an ensemble of frontier and distilled models to handle vulnerability classes end-to-end, with disagreements between models serving as signals for credibility, according to the system’s description.
It has already been put to the test, unearthing 16 vulnerabilities fixed in this month’s Patch Tuesday, spanning Windows networking and authentication, including two critical flaws that could enable remote code execution. The two critical CVEs are CVE-2026-33824, a double-free in ikeext[.]dll with a CVSS score of 9.8, and CVE-2026-33827, a race condition in tcpip[.]sys with a CVSS score of 8.1, both allowing unauthenticated or unauthorized remote code execution exploits.
According to Microsoft, the architecture leverages model portability across generations and ports findings through a structured pipeline from threat modelling to verified exploits.