WannaCry is a good example when considering security updates.

The author of a malicious attack can use multiple tools to access secure systems. Vault 7 was a treasure trove of tools and techniques that are now widely distributed and used by third party, dark contractors.

The Win10, and previous EULA contracts inform the user that MS is free to sell your data to any and all entities whom may find your data valuable. The sale of your data runs the gamut from corporate clients to the various "agencies". Once remotely located, any proficient hacker can access your data.

In the case of one specific organization with access to top secret data, the trails to the "data" were protected with ridiculously shallow passwords like "password" on remote servers. When this reckless approach is utilized at multiple levels, the entire system becomes transparent and is monetized through black and gray markets on the wholesale level. It is ubiquitous.

Lately, DOS attacks have been the favored tool of various entities to gain advantage over websites and individuals whom are targeted for various reasons. If, for instance I, were a client of one of these targeted entities, I am immediately vulnerable to those same pressures...and have been in the recent past.

This is a reality that must be considered with serious attention to one's personal security.

I have, by necessity, remained "plugged in" in order to prepare a viable product for the market place. Therefore, I remain vulnerable. This is why I consider the MS "security updates" to be more in the area of a hack, than a legitimate effort to protect my data. The concept, on it's face, is laughable.

IMO