MDASH: a 100-agent, multi-model scanning harness
Microsoft says it has orchestrated more than 100 specialized AI agents "across an ensemble of frontier and distilled models" in a system it calls MDASH — shorthand for a "multi-model agentic scanning harness." The company describes the agents as performing distinct roles such as "auditor," "debater" and "prover," and explicitly rejects the idea that a single model or prompt can complete all stages of vulnerability discovery in one pass. Microsoft further argued that disagreement among agents can serve as a credibility signal: when an auditor flags a finding and a debater cannot refute it, that finding's posterior credibility rises, the company wrote.
The 16 findings and May's Patch Tuesday
Using MDASH, Microsoft reported discovering 16 new vulnerabilities in the Windows networking and authentication stack. Of those, four were characterized as "critical remote code execution flaws in components such as the Windows kernel TCP/IP stack" and the IKEv2 key management protocol. Microsoft patched the flaws as part of its most recent monthly dump of software fixes, accompanying the discoveries with commentary from Tom Gallagher, who leads Microsoft's Microsoft Security Response Center, that AI is accelerating "the scale and speed of vulnerability discovery."
Benchmarks and market positioning: MDASH versus Mythos and GPT 5.5
Microsoft published benchmark results placing MDASH ahead of Anthropic's Mythos and OpenAI's GPT 5.5 on the University of California-Berkeley developed CyberGym benchmark — a testing method described as meant for AI abilities on actual vulnerabilities from production software. MDASH scored 88.4%; Mythos scored 83.1%; GPT 5.5 scored 81.8%. The report notes these scores are based on self-reporting from the companies.
Microsoft did not disclose which models comprised MDASH or who made them. The company has historically integrated GPT models across its products, but said it has also pressed development of its own proprietary models, announcing in April three new "MAI" models: MAI-Transcribe-1, MAI-Voice-1 and MAI-Image-2. Microsoft positioned MDASH as an internally used research and "production-grade defense at enterprise scale" and said it is being tested only by engineers internally and a "small set of customers as part of a limited private preview." The company mentioned no plans for a public release.
How technologists, affected enterprises, and adversaries will react
- Technologists and security teams: Security researchers will likely examine MDASH's agentic workflow — auditor, debater, prover — for ways to validate, triage and automate vulnerability discovery. Microsoft's framing suggests teams should watch for agent disagreement as an analytic signal rather than seeking a single-model oracle.
- Affected enterprises and procurement leaders: The immediate operational impact is concrete: Microsoft patched the 16 findings through its routine Patch Tuesday cycle. Procurement and endpoint teams will need to monitor monthly fixes and continue standard patch management, while evaluating vendor claims such as CyberGym scores that the companies themselves have reported.
- Adversaries and threat actors: The company framed MDASH as accelerating the "scale and speed" of discovery, which has dual implications for defenders and attackers; Microsoft, however, said MDASH is used internally and in a limited private preview rather than as a broadly available offensive tool.
Microsoft's strategic posture: internal use, private preview, and model choices
Microsoft presented MDASH as a systems-level advance — an agentic architecture around models rather than endorsement of any single model. It contrasted that approach with the public-facing claims from Anthropic and OpenAI about individual models (Mythos and GPT 5.5). While Microsoft noted a historical closeness with OpenAI, the company also emphasized its push toward proprietary models and frameworks. For now, MDASH remains an internal capability and a limited private preview; there is no announcement of a wider release.
Microsoft's disclosure leaves two immediate, factual takeaways: MDASH is a multi-agent system that Microsoft says can find real, high-severity vulnerabilities at scale, and those findings have already been folded into the company's regular monthly security patches. Beyond that, the company is positioning agentic ensembles as the organizational lever it sees as decisive — and for the moment it is keeping that system largely behind its own firewall.
https://www.govinfosecurity.com/microsoft-debuts-bug-hunting-100-agent-ai-system-a-31703




