Silicon Angle reports that Microsoft has detailed a new artificial intelligence-powered vulnerability discovery system, code-named MDASH, which has already identified 16 previously unknown flaws in Windows networking and authentication components. Four of these critical vulnerabilities were patched in this month's Patch Tuesday release.The MDASH system, developed by Microsoft's Autonomous Code Security team, utilizes over 100 specialized AI agents to find and validate exploitable bugs. The discovered vulnerabilities affect key Windows components like the TCP/IP stack, IPsec service, and Netlogon, with many being network-reachable without requiring credentials. Four critical flaws, including remote code execution bugs like a use-after-free in tcpip.sys and a double-free in the IKEv2 service, are among the addressed vulnerabilities.Microsoft highlighted MDASH's performance on various benchmarks, demonstrating high recall and accuracy in identifying vulnerabilities that traditional scanners might miss. The system's architecture involves a pipeline of specialized AI agents for scanning, validation, and proof, incorporating both frontier and distilled models. MDASH is currently being used internally by Microsoft and is in private preview with select customers, signaling a significant advancement in AI-driven cybersecurity.Source: Silicon Angle
AI/ML
Microsoft details new AI system for vulnerability discovery

Credit: Gary Hershorn/Getty Images
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



