Microsoft is announcing that its artificial intelligence systems can identify novel vulnerabilities within source code:

Microsoft uncovered eleven vulnerabilities in GRUB2, which include integer and buffer overflows within filesystem parsers, flaws in commands, and a side-channel in cryptographic comparisons.

Moreover, 9 buffer overflows were found in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks within U-Boot and Barebox, all of which necessitate physical access for exploitation.

The newly identified flaws affect devices that depend on UEFI Secure Boot, and if specific conditions are fulfilled, attackers may circumvent security measures to run arbitrary code on the device.

There’s nothing overly concerning here. These vulnerabilities aren’t exploitable immediately. Nevertheless, the fact that an AI system is capable of this is remarkable, and I anticipate their abilities will keep advancing.