>Then we have semi-native application such as massager or skype. Both has messages being "scanned". - Are you talking about URL scanning? So does FB, Gchat etc.
The OP talked about native MS apps as being risk free. Just because FB and Gchat also do bad thing, doesn't make someone else applications less risky to use.
> Microsoft can forceable push new executable code as updates, regardless if settings has turn of updates. - Any source on this?
https://windowssecrets.com/top-story/microsoft-updates-windo... (its old yes, and was disputed as a "bug" by Microsoft. At the same time, no security expects has said that Microsoft did fix it. As such, I default to once burned, twice shy.).
>Each time you visting a page, IE sends the URL over to be "checked" by Microsoft. - Huh? Are you talking about hashes being sent for malware check
SmartScreen Filter and Suggested Sites (http://windows.microsoft.com/en-ca/internet-explorer/ie10-wi...). Both can be turned off, and I don't know what is default. My default assumption is that both is on (or checked in wizard) by default.
>Then we have semi-native application such as massager or skype. Both has messages being "scanned". - Are you talking about URL scanning? So does FB, Gchat etc.
The OP talked about native MS apps as being risk free. Just because FB and Gchat also do bad thing, doesn't make someone else applications less risky to use.