Tech News

Microsoft Warns AI Will Flood Future Patch Tuesdays

Do you feel like Patch Tuesdays are getting heavier and heavier? This is only the beginning. On July 9, 2026, Microsoft published a post to warn us: the volume of security fixes is set to surge over the coming months. Is Windows code getting worse and worse? I wouldn't go that far, since it is mainly AI that is accelerating vulnerability discovery.

MDASH, the machine finding flaws in Windows

To identify vulnerabilities, Microsoft relies on MDASH: Multi-model agentic scanning harness. This system was introduced on May 12, 2026 on the Microsoft Security blog, and I already covered it in a previous article.

The idea is to orchestrate many specialized AI agents spread across multiple models, including third-party models, rather than relying on a single model. Microsoft therefore has a complete pipeline to ingest and index code, scan it (audit), and then validate findings (exploitability, etc.) before building proofs of concept.

To tackle Windows security, Microsoft explains that it has built a dedicated cloud infrastructure. One pipeline analyzes critical binaries and validates potential candidates using debates between model families, then a second pipeline, specific to Windows, removes the remaining false positives. Only the strongest findings are escalated to the engineers in Redmond.

Microsoft says it is fully satisfied with MDASH's performance. In fact, a recent Patch Tuesday has already served as a showcase: 16 CVEs fixed in the Windows networking stack were found with MDASH.

Denser updates, and a tougher patching contract

Microsoft makes no secret of it. "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each release.", says Pavan Davuluri at Microsoft. The Redmond company presents this increase as a sign of progress rather than a symptom.

AI is also used downstream: it helps engineers understand failures faster, suggest fixes, and spot similar bugs elsewhere in the source code. Rest assured: Microsoft says humans still review all proposed code and validate fixes before production.

The trend is already visible. In fact, the June 2026 Patch Tuesday already fixed 200 vulnerabilities, notably thanks to MDASH work. Next week's July 2026 Patch Tuesday could be heavy, and this is only the beginning.

AI is on both sides of the line

Microsoft acknowledges it: AI-accelerated discovery is a double-edged sword. Attackers also have AI and, even if it may not be as sharp as MDASH, Mythos 5 or others, it shortens the window between the appearance of a flaw and its exploitation.

At the same time, Microsoft has evolved its SDL practices (Secure Development Lifecycle) to account for AI-assisted attack techniques, and to introduce AI earlier in the development cycle, before features are even released. The goal is no longer to treat vulnerability research as a separate activity, but as an integrated step in building Windows.

Source

author avatar
Florian Burnel Co-founder of IT-Connect
Systems and network engineer, co-founder of IT-Connect and Microsoft MVP "Cloud and Datacenter Management". I'd like to share my experience and discoveries through my articles. I'm a generalist with a particular interest in Microsoft solutions and scripting. Enjoy your reading.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.