
Microsoft's multi-agent AI security system, Mdash, outperformed the best single models on a major benchmark and has already uncovered critical Windows vulnerabilities.
Microsoft's Mdash scored 88.45% on the CyberGym benchmark, ahead of Anthropic's Mythos at 83.1% and OpenAI's GPT-5.5 at 81.8%. The result is notable because the competitors relied on their most advanced proprietary models, whereas Microsoft used widely available models integrated into a larger system. The benchmark comprises 157 real-world vulnerability reproduction tasks drawn from 188 open source fuzzing projects.
Mdash operates as a coordinated pipeline of more than 100 specialized AI agents rather than as a single model. These agents fill distinct roles such as auditing, debate, validation, deduplication and proving vulnerabilities. The system processes code in five stages: prepare, analyze, validate, deduplicate and prove, which allows layered analysis and verification.
The system is designed to be model-agnostic, so engineers can integrate new AI models without rebuilding the pipeline. Different stages use different kinds of models, from strong reasoning systems to lighter, more efficient models for verification. Disagreements between agents are used as signals, strengthening confidence in the vulnerabilities identified.
Deployed on Windows code, Mdash identified 16 vulnerabilities, including four critical flaws scheduled to be fixed in a recent Patch Tuesday. Some allow remote code execution without authentication, which represents a major risk.
One of the flaws discovered, CVE-2026-333827, involved a use-after-free bug in the Windows TCP/IP stack, where memory is used after it has been freed. Another, CVE-2026-333824, was a double-free vulnerability spread across six files, allowing potential system compromise with only two specially crafted network packets. These issues required cross-file reasoning and pattern comparison beyond the analysis of a single function.
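The double-free class named above, as an added example that is not code from Microsoft, Windows or Mdash: the video transcript further down this page attributes the bug to a shallow copy made during packet reassembly, which leaves two descriptors owning one buffer. Every type and function name here, and the tracking allocator, is constructed for illustration, and the "after" half uses reference counting as one common ownership fix, which is an assumption and not the actual patch.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed toy model; no name here comes from Windows source. */
struct buf { int refs; unsigned char data[64]; };  /* reassembled payload */
struct pkt { struct buf *b; };                     /* packet descriptor */

/* Quarantining tracker: a released block is only marked and is really
 * freed in track_reset(), so a second release is counted, not executed. */
#define SLOTS 8
static struct { void *p; int freed; } slots[SLOTS];
static int double_frees;
static void *track_alloc(size_t n) {
    for (int i = 0; i < SLOTS; i++)
        if (!slots[i].p) return slots[i].p = calloc(1, n);
    return NULL;
}
static void track_free(void *p) {
    for (int i = 0; p && i < SLOTS; i++)
        if (slots[i].p == p) { double_frees += slots[i].freed; slots[i].freed = 1; return; }
}
int live_blocks(void) {
    int n = 0;
    for (int i = 0; i < SLOTS; i++) n += slots[i].p && !slots[i].freed;
    return n;
}
static void track_reset(void) {
    for (int i = 0; i < SLOTS; i++) { free(slots[i].p); slots[i].p = NULL; slots[i].freed = 0; }
    double_frees = 0;
}

static struct pkt pkt_new(void) {
    struct pkt p = { track_alloc(sizeof(struct buf)) };
    if (p.b) p.b->refs = 1;
    return p;
}
/* Before: the copy duplicates the pointer, so two descriptors "own" b. */
static struct pkt pkt_shallow_copy(const struct pkt *s) { return *s; }
static void pkt_release_naive(struct pkt *p) { track_free(p->b); p->b = NULL; }
/* After: a copy takes a counted reference; only the last release frees. */
static struct pkt pkt_clone(const struct pkt *s) { if (s->b) s->b->refs++; return *s; }
static void pkt_release(struct pkt *p) {
    if (p->b && --p->b->refs == 0) track_free(p->b);
    p->b = NULL;
}

/* Copy one descriptor, release both copies; returns double frees seen. */
int run(int counted) {
    track_reset();
    struct pkt a = pkt_new(), b = counted ? pkt_clone(&a) : pkt_shallow_copy(&a);
    if (counted) { pkt_release(&a); pkt_release(&b); }
    else { pkt_release_naive(&a); pkt_release_naive(&b); }
    return double_frees;
}
int main(void) { printf("shallow=%d counted=%d\n", run(0), run(1)); return 0; }
```

Neither release function looks wrong in isolation; the defect is visible only when the copy routine and both release sites are read together, which is the cross-file property the paragraph above describes.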
Internal tests showed strong performance on historical vulnerabilities. Mdash reached 96% recall on 28 cases in one Windows component and 100% recall on seven cases in another. On a private test driver with 21 injected vulnerabilities, the system identified all of them with zero false positives.
Analysis of the benchmark failures found that 82% of identification errors stemmed from vague vulnerability descriptions without clear references to the code. In other cases, the system produced correct exploitation logic but failed because of incompatible input formats, underscoring the importance of precise task definitions.
The results suggest a shift from a focus on raw model power to an emphasis on systems engineering and orchestration. Microsoft's approach shows that combining several models effectively can rival, or even surpass, state-of-the-art standalone systems.
The same techniques that let defenders detect vulnerabilities faster could also be used by attackers. Because Mdash relies on public models and a modular design, similar systems could be reproduced, accelerating both offensive and defensive capabilities.
Mdash is currently in limited private preview, with no pricing or general release timeline announced. Development involved Microsoft's Autonomous Code Security, Offensive Research and Security Engineering, and Windows Attack Research teams, including members of Team Atlanta, winner of the DARPA AI Cyber Challenge.
Mdash illustrates a shift toward multi-agent AI systems in cybersecurity, where orchestration and engineering can rival raw model power while accelerating both defensive and offensive capabilities.

All right, so there's this massive development from Microsoft that just dropped. And honestly, it's kind of wild how this is all playing out. Microsoft just announced this new AI-powered security system they're calling Mdash, which stands for multi-model agentic scanning harness. And what's really interesting here is that this thing just topped the CyberGym benchmark leaderboard with a score of 88.45%. Now, to put that in perspective, the next closest score was from Anthropic's Mythos Preview at 83.1% and OpenAI's GPT-5.5 came in at 81.8%.

But here's where it gets absolutely fascinating. Both Anthropic and OpenAI use their own absolute top-tier models for this benchmark. Anthropic threw in Mythos, which is literally so powerful they don't even publicly release it. They only share it through this exclusive coalition called Project Glasswing. OpenAI used GPT-5.5, which is their flagship cutting-edge model. And Microsoft, well, they don't actually have a frontier model that can compete with those. Instead, they used what they call generally available models, which basically means they grabbed publicly available models from other companies and built a system around them. They literally used other people's models and beat them at their own game.

The team behind this came from what's called the autonomous code security division at Microsoft. And several of these folks were part of Team Atlanta, the group that won a $29.5 million prize in the DARPA AI Cyber Challenge. So these people know what they're doing when it comes to building autonomous systems that can find and patch real vulnerabilities in complex software.

Now, let's talk about what Mdash actually is. It's not just one AI model doing everything. It's this orchestrated pipeline of more than 100 specialized AI agents working together across multiple stages. Think of it like an assembly line where different experts handle different parts of the job.
You've got auditor agents, debater agents, prover agents, and they all have their own specific roles.

The pipeline breaks down into five main stages. First, there's the prepare stage where the system ingests the source code, builds language-aware indexes, and analyzes past commits to map out attack surfaces and threat models. Then comes the scan stage where specialized auditor agents examine candidate code paths and generate possible findings with hypotheses and evidence. After that, you hit the validate stage where a second group of agents acts as debaters, arguing for and against each finding's reachability and exploitability. Then there's the dedup stage that collapses semantically equivalent findings. And finally, the prove stage where the system actually constructs and executes inputs that trigger the bug.

What makes this work is that different stages use different models. You've got state-of-the-art models handling heavy reasoning tasks, distilled smaller models doing high-volume verification work efficiently, and then a completely separate state-of-the-art model acting as an independent counterpoint. When these models disagree, that disagreement itself becomes a signal. If an auditor flags something suspicious and the debater can't refute it, that finding's credibility shoots up.

The really clever part is that this whole system is model agnostic. When a new model comes out, Microsoft can just swap it in with a configuration change and run an A/B test. All the engineering work, the plugins, the configurations, the calibrations, all of that carries forward. The model is just one input into a much larger system.

So, Microsoft turned this thing loose on their own Windows code and it found 16 vulnerabilities that are getting patched in the May Patch Tuesday update. Four of them are rated critical, which means someone halfway around the world could potentially break into your computer without even needing a password.
Let me walk you through two specific bugs that really show why having multiple AI agents working together matters so much.

The first one is CVE-2026-333827, which is a bug in TCP/IP, the part of Windows that handles all your internet traffic deep in the operating system core. Here's what's happening. Imagine you're at a library. You check out a book and return it. The book goes back on the shelf for someone else. Now imagine you returned it. Someone else checked it out and wrote all over it.
But then you tried to read your original copy. Except it's not your copy anymore. That's what's happening with computer memory here. The code releases a piece of memory so it can be reused, but then tries to access it again later without realizing someone else might have grabbed that memory space in between. The sneaky part is that when you're reading through the code normally, it doesn't look broken. The part where memory gets released and where it tries to use it again are separated by all this other validation code and decision points. Your eyes just glaze over it. But somewhere else in that same codebase, programmers did the exact same operation the right way. To catch this bug, you need something that can look across multiple files, spot these similar patterns, and go, "Hey, wait. Why is this one different?" One AI model staring at a single function won't connect those dots. But a team of agents where some hunt for bugs, others compare patterns across the whole codebase, and others play devil's advocate, that system can piece it together.

The second one is CVE-2026-33824 in the IKEEXT. This is a double-free bug scattered across six different files. Think of this one like a shared bank account where you both think you're responsible for the same bill. You pay it, they pay it, and now someone got paid twice. Except in computer memory, when two parts of code both think they own the same memory and both try to release it, things get messy fast. What makes this nasty is it happens when the system does a shallow copy during network packet reassembly. It copies surface information but not the actual data underneath. So now two parts of the system are both pointing at the same data, both thinking they own it. When they both try to clean up, you get double free. And this runs as local system, which is basically god mode on Windows. An attacker can trigger this with just two specially crafted network packets. No complicated timing tricks.
No getting lucky with millisecond precision. Just two packets for potential remote code execution. This bug is invisible if you're looking at one file at a time. You need to track how data flows across six different files and spot where memory ownership gets screwed up. That's exactly what a multi-agent system excels at, with different agents tracking different parts of the puzzle and coming together to find something seriously wrong. Again, no single-file analysis would catch this because the bug is spread across six files. The strongest evidence that this is actually a bug comes from looking at a correctly handled version of the same pattern elsewhere in the codebase. You need agents that can surface these kinds of comparisons and then debate whether the finding holds up under scrutiny.

Microsoft also ran some internal tests on historical bugs. They took pre-patched snapshots of two heavily reviewed Windows components and measured whether Mdash would rediscover vulnerabilities that the Microsoft Security Response Center had confirmed. For clfs.sys, they got 96% recall across 28 MSRC cases spanning 5 years. For tcpip.sys, 100% recall across seven MSRC cases spanning 5 years. These aren't theoretical bugs. These are actual vulnerabilities that attackers exploited and required Patch Tuesday fixes. They also tested Mdash on a private device driver called storage drive that's used in Microsoft interviews for offensive security researchers. This driver has 21 deliberately injected vulnerabilities. And because it's private and unpublished, they knew it wasn't in any model's training data. Mdash found all 21 vulnerabilities with zero false positives.

The CyberGym benchmark that Mdash topped is actually really interesting. It was developed by a team at UC Berkeley and published at ICLR 2026. It includes 1,57 real-world vulnerability reproduction tasks from 188 OSS-Fuzz projects. The test is straightforward. Give the AI code with a known vulnerability and a description.
And it has to write attack code that triggers it. Microsoft used CyberGym's default level one configuration, which provides vulnerable source code and a high-level vulnerability description. When Microsoft analyzed the roughly 12% of tasks where Mdash failed, they found patterns. Among findings that targeted the wrong code area, 82% came from tasks with vague descriptions lacking function or file identifiers. Description quality really matters for scan accuracy. They also found cases where the agent built libFuzzer-style inputs when the task required honggfuzz format inputs. So the reproduction logic was sound but failed on a format mismatch.

What's really striking is what this means for the AI race. Anthropic poured massive resources into training Mythos to be the strongest single model in security. OpenAI did the same with GPT-5.5. Microsoft doesn't have a model at that level, but they built a system that beats both by orchestrating multiple models together. They used Anthropic's and OpenAI's own models against them. This raises a fundamental question about how we get to artificial superintelligence. Is there one path or two? The first is what Anthropic and OpenAI are doing. Pushing a single model to the absolute limit that requires enormous compute, massive data, and top-tier research teams. The second is what Microsoft just demonstrated with Mdash. Not trying to create the strongest single model, but building a system that maximizes existing model capabilities through task decomposition and multi-agent orchestration. The catch is that the second path still depends on the first. Mdash uses models trained by companies on the first path. If those companies stop training stronger models, Mdash's ceiling stops rising, too. But this shows that in specific domains, a well-engineered system can bridge or even reverse the gap between model capabilities.

But here's the thing, attackers can use the same technology.
Mdash uses publicly available models and doesn't have any exclusive technical barriers. So if defenders can use this to find vulnerabilities faster, so can attackers. The race just got a whole lot faster on both sides.

What Microsoft is really emphasizing here is that the value isn't in the model itself. It's in the system around the model, the pipeline, the specialized agents, the validation stages, the domain-specific plugins. That's where the durable advantage comes from. When a new model drops, you don't rebuild everything. You just swap in the model and keep your engineering assets. The question people should be asking about AI security tools isn't which model does it use, but what does the system do with the model and what survives when the next model arrives?

Microsoft is being pretty open about the fact that this is still early days. They're testing Mdash with customers through a limited private preview, and they haven't announced pricing or a general release timeline yet. But the results they're showing are pretty compelling. An 88.45% score on CyberGym, 96 to 100% recall on historical Windows bugs, and 16 real CVEs getting patched this month, including four critical remote code execution flaws.

The broader implication is that we're moving into a phase where the engineering around AI models might matter as much as the models themselves. For model companies like Anthropic and OpenAI, that's a bit of a wake-up call. Leading in raw model capability doesn't automatically translate into leading at the application layer. For platform companies like Microsoft and Google, it shows there's a differentiated path forward even if you don't have the strongest model. And for everyone else, it means the cybersecurity landscape is about to get a lot more dynamic because both attackers and defenders just got a major capability upgrade.

The team behind Mdash included folks from Microsoft's Autonomous Code Security Group, Microsoft Offensive Research and Security Engineering, and Microsoft Windows Attack Research and Protection. These are the people who do the deep, hard, offensive security research on Windows, and they collaborated to build this into a mature harness. Microsoft says they'll be sharing more updates as they continue rolling this out. But for now, this is a pretty significant milestone in AI-powered security research, moving from lab experiments into real-world production systems that are actually finding bugs that matter. Anyway, that's it for this one. Let me know if you think Microsoft just showed the future of cyber defense or opened the door to something much bigger. Thanks for watching and I'll catch you in the next one.