Microsoft is developing an AI-powered vulnerability detection and repair tool modeled after Anthropic's Mythos, marking the next phase of its push to automate cybersecurity at scale.
The software giant is preparing a new product that uses multiple AI models to automatically scan for software flaws and generate corresponding security fixes, according to a person familiar with the plans. The tool draws inspiration from Anthropic's Mythos model, which has been credited with a surge in vulnerability discoveries across the industry.
"This is the logical next step after MDASH showed what AI can do at scale," said Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative, referring to Microsoft's internal AI scanner that found 16 flaws in May's Patch Tuesday by itself. "The question is whether automated remediation can keep pace with automated discovery."
The development comes as Microsoft ships its largest-ever security update. July's Patch Tuesday fixed 622 vulnerabilities, according to the company's count, more than tripling June's record tally of 206. Fifty-eight of the flaws were rated critical, and three were zero-days — two of which attackers were already exploiting in the wild. An additional 428 Chromium bugs were patched in the Edge browser.
The scale of the update has strained enterprise security teams accustomed to triaging by severity score. The two exploited zero-days — CVE-2026-56155 in Active Directory Federation Services and CVE-2026-56164 in SharePoint Server — both carried mid-tier severity ratings, undermining the traditional CVSS-based prioritization model that many organizations still rely on.
AI's double-edged role in vulnerability discovery
Microsoft's Pavan Davuluri warned customers last week to expect "a higher volume of security updates" as AI tools accelerate bug hunting. The monthly count has climbed from 79 in March to 206 in June to 622 in July, a trajectory that mirrors the adoption of AI-assisted vulnerability research across the industry.
Anthropic's Mythos model has been a primary driver. OpenAI separately demonstrated GPT-Red, an in-house AI agent that hunts flaws in its own models. The trend is forcing a recalibration of how vendors and security teams allocate resources.
But the same tools that help defenders also aid attackers. Once a patch ships, adversaries can compare the updated code with the previous version, identify the patched vulnerability, and build an exploit within hours. The traditional practice of deferring patches for a week to test for compatibility issues is becoming untenable.
A rocky rollout tests enterprise readiness
The July update has not been smooth. Microsoft paused the rollout for some Dell devices with Intel chips after reports of sudden shutdowns, overheating, and battery drain. A fix is expected within days.
For security teams, the incident underscores a broader challenge: larger updates increase testing workloads and the risk of compatibility issues, yet the shrinking window between disclosure and exploitation demands faster deployment. Microsoft has already advised organizations to shorten Windows update deferral periods to three days.
Microsoft shares, trading at roughly 33 times forward earnings, have gained 18% this year as the company's AI investments drive revenue growth across Azure, Copilot, and security products. The new vulnerability detection tool, if successful, could further strengthen Microsoft's security portfolio — a business that generates more than $20 billion in annual revenue — while putting additional pressure on competing vulnerability management platforms from Tenable, Qualys, and Rapid7.
This article is for informational purposes only and does not constitute investment advice.