Microsoft MDASH Preview Adds AI Vulnerability Scans to Defender CLI

Microsoft is reportedly preparing an AI-assisted vulnerability discovery service called Project Perception, but there is no evidence that it produced the fixes in Windows’ latest Patch Tuesday. The more immediate Windows security story is MDASH, Microsoft’s existing multi-model scanning system, which the company has already tied to vulnerability research and is now previewing through Microsoft Security Exposure Management.
As reported by Neowin, citing The Information, Project Perception would route code-analysis tasks among models from Microsoft, OpenAI, and Anthropic. The aim is to find and help remediate software flaws while selecting the most suitable model for each job, rather than relying on one expensive frontier model for every scan. The report says Microsoft may launch the product in July, though Microsoft has not publicly announced its availability, pricing, supported workloads, or customer eligibility.

A cybersecurity analyst monitors vulnerabilities and global security operations across glowing dashboards.Perception is separate from MDASH, for now​

Microsoft’s public work is called MDASH, short for Multi-Model Agentic Scanning Harness. In a May security blog post, Microsoft said MDASH had helped researchers identify 16 Windows networking and authentication vulnerabilities for that month’s Patch Tuesday, including critical remote-code-execution bugs.
Microsoft describes MDASH as an agentic system rather than a single model: multiple models and specialized agents inspect code, validate possible findings, and pass the highest-confidence results to engineers. Microsoft’s Security Exposure Management release notes now list an MDASH public preview, with scans available through Defender CLI and a GitHub connector.
That matters because it makes the suggestion that Project Perception created the latest Windows patches speculative. Neowin notes that a relationship between Perception and MDASH is unclear. The names may describe related efforts, or Perception could be a future commercial layer built around similar internal technology, but neither point has been confirmed by Microsoft.

More fixes, not automatic fixes​

The July Patch Tuesday volume—reported at roughly 570 vulnerabilities across Microsoft products—has renewed attention on AI-assisted bug discovery. More effective internal scanning will likely mean larger security update batches, because Microsoft can uncover defects before attackers or outside researchers do.
That is good for defenders only if organizations keep up with deployment and testing. AI may accelerate discovery, but it does not remove the operational work: validating fixes against line-of-business applications, prioritizing internet-facing systems, and deploying updates quickly where exploitation is known or likely.
Anthropic’s Mythos 5 illustrates why access to these tools is sensitive. Anthropic says its restricted model can find and exploit software vulnerabilities at a level beyond most human security experts, while its broadly available Fable 5 applies classifiers and falls back to a less capable model for cyber-related requests. Project Perception, if it appears, could face similar access controls.
For Windows admins, the actionable item remains unchanged: treat the July security updates as a major deployment cycle and use Microsoft’s published advisories—not reports about an unreleased AI product—to set patch priority.

References​

  1. Primary source: Neowin
    Published: 2026-07-17T11:32:01+00:00
  2. Related coverage: pcgamer.com
  3. Related coverage: thehackernews.com
  4. Related coverage: tweakers.net
  5. Related coverage: windowslatest.com
  6. Related coverage: windowscentral.com
 

Back
Top