Gregory's Server@drq
As an experienced Linux user and occasional windows hater working in cybersec, I do think that this is a brilliant feature.
Imagine someone plugging in a badusb acting as a keyboard, typing a malicious payload into the notepad. AV will have a very hard time spotting the malware since it was user written and unless it triggers some kind of behavioral heuristic, the chances are it will go unnoticed. M$ just attempts to lower the attack surface. For example, when it comes to users that do not have a dedicated AV software and rely solely on windows defender, blocking access to M$ domains would cut off updates of the virus signatures. That's certainly not something an average Joe wants or will do.
Granted, it can also be used to bypass a windows license check.
As an experienced Linux user and occasional windows hater working in cybersec, I do think that this is a brilliant feature.
Imagine someone plugging in a badusb acting as a keyboard, typing a malicious payload into the notepad. AV will have a very hard time spotting the malware since it was user written and unless it triggers some kind of behavioral heuristic, the chances are it will go unnoticed. M$ just attempts to lower the attack surface. For example, when it comes to users that do not have a dedicated AV software and rely solely on windows defender, blocking access to M$ domains would cut off updates of the virus signatures. That's certainly not something an average Joe wants or will do.
Granted, it can also be used to bypass a windows license check.