"The system, codenamed MDASH, was developed by Microsoft's Autonomous Code Security team alongside the Windows Attack Research and Protection group. The platform will enter private preview for enterprise customers next month, Microsoft said in a blog post announcing the system. The vulnerabilities were patched as part of Microsoft's May 12 Patch Tuesday release."
""Cyber defenders are facing an increasingly asymmetric battle," Microsoft added in the blog post. "Attackers are using AI to increase the speed, scale, and sophistication of attacks." The four critical vulnerabilities affected core Windows components broadly deployed across enterprise environments, Microsoft said in the blog."
"Among them was CVE-2026-33827, a remote unauthenticated use-after-free flaw in the Windows IPv4 stack reachable through specially crafted packets carrying the Strict Source and Record Route option, Microsoft said. Another flaw, CVE-2026-33824, involved a pre-authentication double-free issue in the IKEEXT service affecting RRAS VPN, DirectAccess, and Always-On VPN deployments."
"Two additional critical flaws affected Netlogon and the Windows DNS Client, both carrying CVSS scores of 9.8. The remaining 12 vulnerabilities rated "Important" included denial-of-service, privilege-escalation, information disclosure, and security feature bypass flaws affecting components such as tcpip.sys, http.sys, ikeext.dll, and telnet.exe, according to Microsoft."
MDASH is an AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws. The system was developed by Microsoft’s Autonomous Code Security team with the Windows Attack Research and Protection group. Microsoft plans to make MDASH available to enterprise customers in private preview next month. The vulnerabilities were patched during the May 12 Patch Tuesday release. The critical issues affected core Windows components used widely in enterprise environments. Examples include a remote unauthenticated use-after-free flaw in the Windows IPv4 stack and a pre-authentication double-free issue in the IKEEXT service affecting RRAS VPN, DirectAccess, and Always-On VPN. Additional critical flaws affected Netlogon and the Windows DNS Client, with CVSS scores of 9.8. The remaining vulnerabilities were rated Important and included denial-of-service, privilege escalation, information disclosure, and security feature bypass issues across multiple components.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]