Microsoft announced a new multi-model, agentic vulnerability discovery system, codenamed MDASH, that helped uncover 16 previously unknown Windows vulnerabilities, including four critical remote code execution (RCE) flaws, according to Microsoft’s security blog and reporting by CSO and SiliconANGLE. The flaws were included in Microsoft’s May 12 Patch Tuesday updates, with affected components including tcpip.sys, IKEEXT, netlogon.dll, dnsapi.dll and http.sys, per CSO. Microsoft also published benchmark results showing MDASH scored 88.45% on the public CyberGym benchmark and detected all 21 planted issues in a private test driver with zero false positives, according to Microsoft’s blog and SiliconANGLE coverage. Editorial analysis: industry observers note this is an early signal that agentic, multi-model systems can accelerate discovery and increase patch volume, changing how security teams prioritize testing and deployment.
