Microsoft MDASH agentic scanning system discovers vulnerabilities in Windows, Azure, and identity systems at scale
Microsoft's multi-model agentic vulnerability discovery system (MDASH) has transitioned from research to production use across Windows, Azure, and Active Directory, surfacing findings through existing DevSecOps workflows.
Attack Brief
Target: Microsoft Windows, Hyper-V, Azure, Active Directory Domain Services, Remote Desktop Client, HTTP.sys, DNS Client, DHCP Client
Vector: Software vulnerability discovery and remediation via AI-powered code analysis
Technical Details
Affected: Windows kernel, Hyper-V, Azure virtualization and core infrastructure services, Active Directory Domain Services, Remote Desktop Client, HTTP.sys, DNS Client, DHCP Client
Impact
Confirmed Damage: Multiple remote code execution, elevation of privilege, and information disclosure vulnerabilities identified
Mitigation
Detection: Findings surface as code scanning alerts in GitHub Advanced Security (GHAS) on pull requests and repository security tabs; integrated into Azure DevOps pipeline gates and Microsoft Defender threat prioritization workflows