Well duh.... Someone at MS thinks this is a good idea.
Given the terrible terrible pile of bugs that MS has created, fixed and recreated
no individual is in a position to pass judgement on patches and fixes for
a closed source operating system. For the large numbers of home users
this is a darn good thing. For ISPs that suffer a lot of network and mail resource
load as a result of millions of badly managed, systems now operating
as bott farms for bad boys.
The recent federal data hack was apparently a failure to update to a vendor
supplied patch. Lazy??? Stupid??? Arrogant??? Foolish???
Another that might like this is the difficult to enumerate tupple of TLA's
that may wish to man in the middle update the system of one, two,
three,... many, all and insert then perhaps later remove a side door flaw to their
Cyber security is a pain to do right. Only fools think they have it solved.
Sadly MS has yet to design and deliver a consumer OS that has a chance of staying
secure. The NT kernel did have some nice security features... I see that
NT.mumble got booted on a recent Windows system.. Perhaps...
One real problem IMO with the NT security model is that it makes invisible security
modes and settings outside of your pay grade. Like VMS it placed a lot of power
behind opaque policy walls. If all is well this is good. If a breach happens it
is too easy to to hide. Given a well considered policy that includes an audit
system perhaps ...
The free update to Win-10 has interesting security footprint impacts
it could help a lot but the pessimist that I am doubts it.