Back

Microsoft's MDASH AI Scanner Identifies Critical RCE Vulnerabilities in Windows

Severity: High (Score: 70.5)

Sources: www.microsoft.com, Neowin, Itnews.Au

Summary

Microsoft's new MDASH AI vulnerability scanner has discovered four critical remote code execution (RCE) vulnerabilities in Windows, specifically affecting the TCP/IP networking stack, Internet Key Exchange (IKE) version 2, Netlogon services, and the DNS API library. In total, MDASH identified 16 vulnerabilities, with 10 in kernel mode and six in user mode, primarily exploitable from a network position without credentials. These vulnerabilities were patched in April and May 2026. The MDASH system utilizes over 100 specialized AI agents for vulnerability detection and has shown high effectiveness in tests, achieving 88.45% on the CyberGym benchmark and 100% recall on specific internal tests. Currently, MDASH is in a private preview phase with select customers and Microsoft's security teams. Key Points: • MDASH identified four critical RCE vulnerabilities in Windows networking components. • The vulnerabilities were patched in April and May 2026, with no credentials needed for exploitation. • MDASH outperformed competitors in vulnerability detection benchmarks, achieving top scores.

Key Entities

  • Remote Code Execution (attack_type)
  • United States (country)
  • Windows (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed