Artificial IntelligenceBigTech CompaniesCybersecurityNewswireWhat's Buzzing

Microsoft Warns of Rising Number of Security Updates

Originally published on: July 11, 2026
▼ Summary

– Microsoft warns customers to expect more Windows security updates as it uses AI to find more zero-day vulnerabilities.
– The company uses multi-model agentic scanning harness (MDASH) to discover and validate novel vulnerabilities across the Windows codebase.
– AI-powered scanning helps automate vulnerability detection, reduce false positives, and shrink the attack window for zero-day exploits.
– Microsoft is updating its Secure Development Lifecycle (SDL) to address AI-enabled attack techniques, but maintains human oversight of updates.
– Despite AI advances, studies show 78% of organizations say fully automated scanning misses critical vulnerabilities, and 81% run vulnerable AI packages.

Microsoft is preparing customers for a significant increase in the number of security updates they will need to apply to Windows, driven by the company’s deployment of advanced AI techniques to uncover more zero-day vulnerabilities.

In a July 9 blog post, the tech giant explained that it is now applying AI to security analysis to “identify patterns faster, prioritize risk and scale vulnerability discovery across the Windows codebase.” The company stated that as artificial intelligence helps defenders find more issues, users will notice a higher volume of security updates in each release. “This is evidence that defenders are getting better at identifying and addressing issues,” the post added. “Our focus is to effectively utilize these AI tools to support faster protection, stronger engineering systems and more actionable guidance for customers.”

A key element of this strategy is the multi-model agentic scanning harness (MDASH), which employs several AI models to detect novel vulnerabilities. Microsoft described the process: “To run MDASH at Windows scale, Windows set up dedicated cloud infrastructure for scanning and proving. A scanner pipeline scans critical binaries and validates candidates using multi-model debate across multiple model families.” Confirmed findings then move to a separate, Windows-specific pipeline that helps eliminate remaining false positives, so only the most reliable findings reach the engineering team. “This automation helps handle a larger volume of potential vulnerabilities and shortens the review window for new ones, shrinking the attack window for zero-day exploits,” the company noted.

Microsoft also announced it is updating its Secure Development Lifecycle (SDL) best practices to address “AI-enabled attack techniques and exploit paths.” However, the company stressed that human oversight will remain integral to the process to maintain update quality.

The announcement follows reports that the US Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic’s Fable tool to scan for vulnerabilities across government systems. In April, CISA’s Lindsey Cerkovnik, who represents the agency on the CVE Board, called for frontier AI companies to take a larger role in software vulnerability disclosures.

Yet skepticism persists. A June study from Cobalt found that the percentage of organizations relying entirely on AI automation for vulnerability scanning dropped from 29% to 9% between 2025 and 2026. More than three-quarters (78%) of respondents said fully automated tools missed critical vulnerabilities.

AI also presents its own risks. A new Orca Security study published on July 9 claimed that 81% of organizations run vulnerable AI packages, and 99.9% of fixable AI vulnerabilities remain unpatched.

(Source: Infosecurity Magazine)

Topics

ai vulnerability detection 98% windows security updates 95% multi-model scanning 93% zero-day exploits 91% cloud infrastructure scanning 89% false positive reduction 88% secure development lifecycle 87% human oversight 85% government vulnerability scanning 84% frontier ai disclosure 82%