[sandworm101]

Much more simple. MS = evil so every domain name associated with it is blocked. I do not use MS software, have no need to update it, and certainly do not need to submit any telemetry info to them. So it is a non-issue until a guest wants to update their laptop using my wifi.

[xnyan]

I've done a bit of work with Microsoft and our enterprise firewall. I will bet you any amount you want that you have not blocked all of Microsoft's telemetry endpoints. They are still getting it. The only thing that's happening is introduction of more risk into your network by blocking people from patching known vulnerabilities