Microsoft will rely on a new Artificial Intelligence (AI) bug-hunting system to detect security flaws in Windows.
If you have a PC running Windows 11, you might be familiar with Patch Tuesday — the informal name for the monthly release of security patches and bug fixes for Windows. This regularly scheduled update is designed to stop inconvenient crashes or bugs, as well as close loopholes that could enable criminals from being able to hack into your device and potentially steal sensitive information.
And now, AI can hopefully do some of the heavy lifting in detecting these vulnerabilities. Pavan Davuluri, Microsoft's executive vice president for Windows and Devices, wrote in a blog post: "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release."
The new system arrives as last month's security update broke records, with a whopping 206 vulnerabilities patched in a single release. It's the first time Microsoft has crossed the 200 mark, and it's all down to their AI-powered detection tool called MDASH. To put that in perspective, July 2025's Patch Tuesday only hit 137 fixes — so it's a pretty large jump in just twelve months.
So how is MDASH meant to work? It's designed to be similar to a team of over 100 specialised AI agents working together to hunt down bugs in Windows code.
The system is designed to run in stages. First, a scanning pipeline checks critical parts of Windows for potential problems where a fraudster could slip through the system.
Then, multiple AI models essentially have a debate about whether each finding is a genuine security risk that hackers could exploit. Finally, a "prover" pipeline creates proof-of-concept tests to confirm the bugs are real – filtering out false alarms before anything reaches the human engineers.
The result? Microsoft can spot zero-day vulnerabilities faster. These are especially dangerous, as hackers have already discovered the glitch and will be leveraging it to hack into devices worldwide.
The numbers really do speak for themselves. Back in May 2026, MDASH's first public outing uncovered 16 previously unknown vulnerabilities in Windows. Among those were four critical remote code execution flaws – the nasty kind that let attackers run malicious code on your machine.
"Timely patching is one of the most effective ways to reduce exposure, especially as AI accelerates the speed at which vulnerabilities can be discovered and exploited," Mr Davuluri noted.
However, it's worth noting that the same AI technology helping Microsoft find flaws faster could also help hackers do the same. It's essentially an arms race, and staying current with patches has never been more important.
That's why it's especially important to ensure your device is running Windows 11 — the latest operating system. This ensures you'll be able to install every security patch released.
If you missed the memo, the US tech firm pulled the plug on its immensely popular Windows 10 operating system late last year, marking the end of a decade of support.
For those who haven't taken action to update their devices, you're leaving yourself vulnerable to an increased risk of malware, ransomware, cyberattacks, and worse. That's because, without regular security updates and bug fixes from Microsoft, there's nothing to stop criminals from exploiting vulnerabilities unearthed within the operating system.
However, Microsoft has quietly given Windows 10 users a welcome lifeline, stretching its Extended Security Update (ESU) programme by an extra year. The new deadline is now October 12, 2027, rather than the original October 2026 cutoff.
The programme is currently available to all individual users with Windows 10 devices running version 22H2 — the final update for the desktop operating system rolled out earlier this month. You'll find the enrolment wizard for the Extended Security Update in the Settings menu.





