Microsoft is using more than 100 specialized AI agents to find exploitable bugs in Windows before attackers do. Pavan Davuluri, EVP of Microsoft’s Windows + Devices division, published the details on July 9 in a blog post outlining how the company’s multi-model agentic scanning harness, called MDASH, is scaling vulnerability discovery across the Windows codebase.
How MDASH Works
The system was built by Microsoft’s Autonomous Code Security (ACS) team and runs on dedicated cloud infrastructure. According to ZDNet, MDASH “orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to discover, debate, and prove exploitable bugs end-to-end.”
The pipeline operates in two stages. A scanner pipeline scans critical Windows binaries and validates candidates through multi-model debate across multiple model families. Confirmed candidates then move to a separate “prove pipeline” specific to Windows that eliminates remaining false positives, so only high-confidence findings reach human engineers. According to Davuluri’s blog post, this helps “reduce the time between discovery and customer protection.”
Microsoft first introduced MDASH in May 2026. In its initial deployment, the system discovered 16 vulnerabilities, four of them rated Critical. All 16 were patched in the June security update.
Faster Patches, Heavier Update Loads
Microsoft is integrating MDASH earlier into the development lifecycle. Davuluri wrote that the company is “updating our Secure Development Lifecycle (SDL) best practices to ensure our secure-by-design approach explicitly accounts for potential AI-enabled attack techniques and exploit paths.” The goal is to catch vulnerabilities during the build and review process, not just in post-release scanning.
For enterprise customers, this means more fixes per update cycle. Microsoft acknowledged in the blog post that “customers will see a higher volume of security updates included in each security release,” according to ZDNet’s coverage by Ed Bott. Admins who encounter issues during testing can use Known Issue Rollback (KIR) to revert specific changes without uninstalling entire updates.
The Staffing Question
The acceleration comes as Microsoft targets roughly 7% of its U.S. workforce with a voluntary retirement program. As ZDNet noted, longtime Microsoft watchers Todd Bishop and Kurt Schlosser flagged the risk of institutional knowledge loss as experienced employees depart. The remaining security engineers will need to process a higher volume of AI-generated findings with a thinner bench of senior colleagues to consult.
Davuluri emphasized that human expertise remains in the loop: “using AI to help identify potential issues earlier in the development process, while relying on human expertise to evaluate findings, make risk-based decisions and ensure fixes meet the quality bar customers expect.”
From Research Demo to Production Infrastructure
The operational shift is the real signal here. Multi-agent debate, where AI models challenge each other’s findings to reduce false positives, has been a research technique for years. Microsoft is now running it as production infrastructure against a codebase that runs on 1.5 billion devices. The dedicated cloud pipelines, the two-stage scan-and-prove architecture, and the direct integration into SDL processes represent agent orchestration moving from lab to mainline engineering workflow.
For security teams at other enterprises evaluating agent-based tooling, the MDASH architecture offers a reference pattern: multiple specialized agents, model diversity to reduce single-model blind spots, a separate validation stage to filter false positives, and human engineers as the final gate before patches ship.