Things aren't perfect, but they're the best we can do given what we're
left to work with. For example:
- We cannot update the virus signatures, because that command simply
fails, despite being copy-and-paste'd from Microsoft's documentation.
- When queried, Windows reports its virus signature age is
4,294,967,295 days old, which, on geological time scales, pre-dates
even the Pleistocene era by 9.7 million years.
Despite these issues, my hunch is that the signatures are current as of
the date when the VM's base-image was generated; and because we're in
the Holocene era of zero-day network threats, my guess is GitHub is
re-generating images at least weekly if not more frequently (and sure
enough, Defender catches the EICAR dummy virus.
Note that we're not using Start-MpScan because it does not provide any
useful output on status of scans (indeed!), so I've moved that here into
the commit message.
e417d06289