[imglorp]

It appears they don't care about those people. Windows is not the product.

If you are not consuming their cloud product AND providing a stream of your telemetry data for them to monetize, you are of no value to MS and so invisible.

[sneak]

They care a lot about those people. The USG runs billions of dollars of MS software on classified/offline networks.

[imglorp]

I do wonder.

The Windows 11 STIG says use the Windows 10 STIG.

    https://public.cyber.mil/?s=windows+11

The Windows 10 STIG says basically fix this stuff before using.

    CAT I (High): 26 CAT II (Med): 241 CAT III (Low): 18

    https://stigviewer.com/stig/windows_10/

So it seems they have a high tolerance for shenanigans. But what will they do about the online part?

[sneak]

Microsoft will give them whatever they request. When you spend that much money you can just ask for a custom build. I would imagine that NSA TAO and other such parts of the USG are provided access to much of the Windows source already.

Microsoft and US intelligence and the US armed forces are practically vertically integrated at this point, they are the Lockheed of software.

"off the shelf" hasn't meant that for years.

[grishka]

I remember seeing "Windows is a service" update popups in my Windows 10 VM. That was the last straw before I went out of my way and disabled the deliberate RCE^W^W Windows Update services completely.