Free Quiz
Write for Us
Learn Artificial Intelligence and Machine Learning
  • Artificial Intelligence
  • Data Science
    • Language R
    • Deep Learning
    • Tableau
  • Machine Learning
  • Python
  • Blockchain
  • Crypto
  • Big Data
  • NFT
  • Technology
  • Interview Questions
  • Others
    • News
    • Startups
    • Books
  • Artificial Intelligence
  • Data Science
    • Language R
    • Deep Learning
    • Tableau
  • Machine Learning
  • Python
  • Blockchain
  • Crypto
  • Big Data
  • NFT
  • Technology
  • Interview Questions
  • Others
    • News
    • Startups
    • Books
Learn Artificial Intelligence and Machine Learning
No Result
View All Result

Home » Google’s new AI agent rewrites code to automate vulnerability fixes

Google’s new AI agent rewrites code to automate vulnerability fixes

Tarun Khanna by Tarun Khanna
October 8, 2025
in Artificial Intelligence
Reading Time: 4 mins read
0
Google’s new AI agent rewrites code to automate vulnerability fixes

Photo Credit: https://www.artificialintelligence-news.com/

Share on FacebookShare on TwitterShare on LinkedInShare on WhatsApp

Google DeepMind has deployed a new AI agent designed to autonomously locate and fix essential safety vulnerabilities in software program code. The system, aptly-named CodeMender, has already took part in 72-security fixes to generated open-source ventures in the last 6-months.

Identifying and patching vulnerabilities is a notably difficult and time-taking procedure, inspite of the aid of traditional automated strategies like fuzzing. Google DeepMind’s very own research, which consist AI-primarily based ventures which include Big Sleep and OSS-Fuzz, has proven effective at finding new zero-day vulnerabilities in well-audited code. This achievement, however, generates a new bottleneck: as AI increase the invention of flaws, the load on human developers to fix them intensifies.

CodeMender is engineered to address this imbalance. It functions as an self reliant AI agent that takes a comprehensive technique to fix code safety. Its capabilities are both reactive, permitting it to patch latest discovered vulnerabilities immediately, and proactive, allowing it to rewrite current code to eliminate entire classes of safety flaws before they can be exploited. This permits human developers and venture maintainers to commit more in their time to building functions and enhancing software program functionality.

Also Read:

The Trump administration is going after semiconductor imports

AI Cracks the Code for the Next Generation of Solar Power

Microsoft discloses Microfluidic Cooling Breakthrough for AI Chips

What does the future hold for generative AI?

The machine operates by utilizing the advanced reasoning capabilities of Google’s latest Gemini Deep Think models. This foundation lets in the agent to debug and solve complicated safety problems with a high degree of autonomy. To obtain this, the system is equipped with a set of tool that allow it to examine and reason about code before implementing any changes. CodeMender also consists of a validation method to make certain any modifications are correct and do not introduce new troubles, referred to as regressions.

While large language models are advancing quickly, a mistake when it comes to code security may have expensive outcomes. CodeMender’s automatic validation framework is therefore important. It systematically checks that any proposed changes fix the root cause of an problem, are functionally correct, do no break current tests, and adhere to the venture’s coding style guidelines. Only high-quality patches that fulfill these stringent criteria are surfaced for human review.

To enhance its code fixing effectiveness, the DeepMind team evolved new strategies for the AI agent. CodeMender employs superior program analysis, utilizing a collection of tools which include static and dynamic evaluation, differential testing, fuzzing, and SMT solvers. These instruments permit it to systematically scrutinise code patterns, control flow, and data float to discover the essential causes of security flaws and architectural weaknesses.

The system also uses a multi-agent architecture, wherein specialized agents are deployed to address unique aspects of a trouble. For example, a devoted large language model-based totally critique tool discloses the differences between authentic and modified code. This permits the primary agent one agent to confirm that its proposed changes do not introduce unintended side consequences and to self-correct its approach when vital.

In one practical example, CodeMender addressed a vulnerability wherein a crash record indicated a heap buffer overflow. Although the very last patch best needed changing a few lines of code, the root purpose became no longer right away obvious. By using a debugger and code search equipment, the agent determined the true hassle changed into an incorrect stack management difficulty with Extensible Markup Language (XML) elements at some point of parsing, located elsewhere in the codebase. In any other case, the agent devised a non-trivial patch for a complicated object lifetime problem, enhancing a custom system for producing C code within the goal venture.

Beyond simply reacting to current bugs, CodeMender is designed to proactively harden software towards future threats. The team deployed the agent to use -fbounds-safety annotations to parts of libwebp, a extensively used image compression library. These annotations instruct the compiler to add bounds checks to the code, that can prevent an attacker from exploiting a buffer overflow to execute arbitrary code.

This works is particularly relevant given that a heap buffer overflow vulnerability in libwebp, tracked as CVE-2023-4863, became utilized by a threat actor in a zero-click iOS exploit numerous years ago. DeepMind notes that with those annotations in place, that particular vulnerability, along with most different buffer overflows in the annotated sections, might were rendered unexploitable.

The AI agent’s proactive code fixing includes a sophisticated choice-making process. When applying annotations, it is able to automatically accurate new compilation errors and take a look at failures that rise up from its own changes. If its validation tools detect that a modification has broken capability, the agent self-corrects based at the feedback and attempts a specific solution.

Despite these promising early results, Google DeepMind is taking a careful and planned method to deployment, with a strong target on reliability. At present, each patch generated by CodeMender is reviewed by human researchers earlier than being submitted to an open-source venture. The team is steadily rising its submissions to make sure high quality and to systematically incorporate feedback from the open-source community.

Looking ahead, the researchers plan to attain out to maintainers of crucial open-source venture with CodeMender-generated patches. By iterating on community feedback, they hope to eventually launch CodeMender as a publicly available tool for all software program developers.

The DeepMind team also intends to post technical papers and reports in the coming months to share their strategies and results. This work represents the primary steps in exploring the potential of AI agents to proactively fix code and essentially enhance software security for everyone.

ShareTweetShareSend
Previous Post

Study finds AI can assist building become more secure, resilient and more sustainable

Tarun Khanna

Tarun Khanna

Founder DeepTech Bytes - Data Scientist | Author | IT Consultant
Tarun Khanna is a versatile and accomplished Data Scientist, with expertise in IT Consultancy as well as Specialization in Software Development and Digital Marketing Solutions.

Related Posts

Huawei declares new Ascend chips, to power world’s most powerful clusters
Artificial Intelligence

Huawei declares new Ascend chips, to power world’s most powerful clusters

September 22, 2025
New Research Highlights Scheming Risks in AI Models—and Promising Mitigation Methods
Artificial Intelligence

New Research Highlights Scheming Risks in AI Models—and Promising Mitigation Methods

September 22, 2025
Mythos AI and lomarlabs set up sea-pilot AI assistance
Artificial Intelligence

Mythos AI and lomarlabs set up sea-pilot AI assistance

September 18, 2025
Are AI Models on the Autism Spectrum? Exploring the Parallels
Artificial Intelligence

Are AI Models on the Autism Spectrum? Exploring the Parallels

September 17, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

59 − = 54

TRENDING

World First: Engineers Train AI at Lightspeed

World First: Engineers Train AI at Lightspeed

Photo Credit: https://scitechdaily.com/ Penn Engineers have created the first programmable photonic chip that can train nonlinear neural networks using light, potentially revolutionizing AI by making it faster and more energy-efficient. Unlike traditional electronic chips, this new chip reshapes light itself to perform complex computations, enabling real-time learning and offering a major step toward fully light-powered computers.

by Tarun Khanna
May 2, 2025
0
ShareTweetShareSend

Unpacking the bias of large language models

Unpacking the bias of large language models

Photo Credit: https://news.mit.edu/

by Tarun Khanna
June 19, 2025
0
ShareTweetShareSend

Meta discloses AI that thinks and sees the world like humans

Meta discloses AI that thinks and sees the world like humans

Photo Credit: https://www.indiatoday.in/

by Tarun Khanna
June 12, 2025
0
ShareTweetShareSend

“Periodic table of machine studying” could fuel AI discovery

“Periodic table of machine studying” could fuel AI discovery

Photo Credit: https://news.mit.edu/

by Tarun Khanna
April 30, 2025
0
ShareTweetShareSend

Politicians’ memecoins, dropped court cases fuel crypto ‘crime supercycle’

Politicians’ memecoins, dropped court cases fuel crypto ‘crime supercycle’

Photo Credit: https://cointelegraph.com/

by Tarun Khanna
June 20, 2025
0
ShareTweetShareSend

AWS announces nine major updates for its ML platform SageMaker

aws-nine-major-updates-ml-platform-sagemaker
by Tarun Khanna
January 15, 2021
0
ShareTweetShareSend

DeepTech Bytes

Deep Tech Bytes is a global standard digital zine that brings multiple facets of deep technology including Artificial Intelligence (AI), Machine Learning (ML), Data Science, Blockchain, Robotics,Python, Big Data, Deep Learning and more.
Deep Tech Bytes on Google News

Quick Links

  • Home
  • Affiliate Programs
  • About Us
  • Write For Us
  • Submit Startup Story
  • Advertise With Us
  • Terms of Service
  • Disclaimer
  • Cookies Policy
  • Privacy Policy
  • DMCA
  • Contact Us

Topics

  • Artificial Intelligence
  • Data Science
  • Python
  • Machine Learning
  • Deep Learning
  • Big Data
  • Blockchain
  • Tableau
  • Cryptocurrency
  • NFT
  • Technology
  • News
  • Startups
  • Books
  • Interview Questions

Connect

For PR Agencies & Content Writers:

connect@deeptechbytes.com

Facebook Twitter Linkedin Instagram
Listen on Apple Podcasts
Listen on Google Podcasts
Listen on Google Podcasts
Listen on Google Podcasts
DMCA.com Protection Status

© 2024 Designed by AK Network Solutions

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Artificial Intelligence
  • Data Science
    • Language R
    • Deep Learning
    • Tableau
  • Machine Learning
  • Python
  • Blockchain
  • Crypto
  • Big Data
  • NFT
  • Technology
  • Interview Questions
  • Others
    • News
    • Startups
    • Books

© 2023. Designed by AK Network Solutions