Current Windows Operating Systems (consumer versions) are unsuitable for use as mission-critical computing
platforms unless updates and restarts can be controlled by administrators.
The following problems have been identified in Windows 10 Build 1607 (and later):
The system passes varying amounts of private data to Microsoft Corporation servers.
The Microsoft block list has been compiled from various sources on the Internet and reliably prevents data
leakage and system updates while NAT32's DNS Analyser is running. When an administrator is ready to perform
an update, the blocks can be temporarily disabled via the Control Panel page. Once
the updates and reboots have completed, the prudent administrator can then safely re-enable the blocks.
The system may restart at any time in order to install system updates. Mission-critical services will not
be available to external users at such times. Note that remote users may be located in any time zone, hence
the default 12:00 AM reboot schedule does does not mitigate this issue. Because administrators cannot prevent
such forced reboots, third-party, mission-critical software is at risk of failure after an update.
Various Windows 10 script files are being offered on the Internet that claim to disable Telemetry, Updates and
Forced Restarts. While many of these scripts are quite effective, the problem is that they perform many
low-level modifications to the running system. Additionally, they must be run on each system that is to be protected.
A further problem arises when administrators decide that a system update is needed:
All of the system modifications must be reversed and the system restored to its original state
before updates will succeed.
When two or more Windows machines reside on the same network, one machine may wake another machine
in order to fetch updates that it is unable to obtain from the Internet. This can occur even if the
other machine is in the shutdown state. The exact details of the protocol used are presently unknown,
but because NAT32 has full control over outgoing packets on an adapter, future versions will be able
to prevent this undesirable behaviour.