The Anti-Malware Scanner build task is now included in the Microsoft Security Code Analysis Extension. This page has the steps needed to configure & run the build task as part of your build definition. Click here for information on the Windows Defender Anti-Malware scan.
|1.||You are using the Azure DevOps Build system.|
|2.||The Microsoft Security Code Analysis Extension is installed in your account.|
|3.||Windows Defender is installed and enabled on the build agent. "Hosted" build agents (with VS2015) do not have Windows Defender installed, and cannot run this build task. "Hosted VS2017" build agents do have Windows Defender installed, and can run this build task. Signatures cannot be updated on these agents, but the signature should be sufficiently current (less than 3 hours old).|
|1.||Open your team project from your Azure DevOps Account.|
|2.||Navigate to the Build tab under Build and Release|
|3.||Select the Build Definition into which you wish to add the Anti-Malware Scanner build task.
|4.||Click + to navigate to the Add Tasks pane.|
|5.||Find the AntiMalware Scanner build task either from the list or using the search box and then click
|1.||Click the newly added task to see the different options available.
|2.||Settings for Type = Basic:
|3.||With Type = Custom, command line arguments can be provided to customize the scan|
Microsoft Security Code Analysis Support is available Monday through Friday from 9:00 am-5:00pm Pacific Time
Windows Defender uses the Windows Update client to download and install signatures. If signature update fails on your build agent, the HRESULT error code is likely coming from Windows Update.
We're also putting together the following table as a good reference for more actionable information
|80004004||Operation aborted. Some of possible factors that could cause it: 1) Incomplete program installation/un-installation; 2) Corrupt registry files; 3) Unreliable/Unsteady Internet connection|
|800106BA||Windows Defender application failed to initialize|
|80070002||Some files in the Windows Update might be missing. Refer to this for a possible fix|
|80070070||Out of Disk Space|
|80070422||SelfUpdate check failed. Unable to startup the Windows Update service|
|80070490||A file (CBS Manifest) that's needed to install updates is corrupt. To correct this problem, you'll need to repair Windows|
|800704E8||The remote server is not reachable, or a manual Windows Defender update is being done at the same time when the automatic updating takes place|
|80070643||A generic error is encountered by Windows Installer|
|80070652||Another program installation is in progress, or a previous installation has not been completed successfully (in which case restarting computer generally fixes this issue)|
|80072F8F||A general cause is the date and time settings being in error|
|8024001E||Operation did not complete because the service or system was being shut down|
|80240022||Windows updates failed. Some of possible factors that could cause it: 1) Corrupted system files; 2) Out-of-date certificate of your computer|
|8024002E||Access to an unmanaged server is not allowed|
|8024402F||External cab file processing completed with some errors|
|80248014||This error probably occurred because of corrupted update files|