Windows 10 S promises many good things. It currently doesn't deliver.
But as ZDNet reports, Microsoft has enabled other programming environments. Specifically, the version of Office that's available through the Store supports Office macros. Office macros have full access to the Windows API, and Office macros are routinely used to attack Windows machines. There are some minor safeguards to prevent the use of macros—files downloaded from the Internet have to be marked as safe in Explorer before their embedded macros can run—but ultimately, the full programmatic capability is there.
as I've noted elsewhere IMHO this is a Tragedy more so than a Comedy. the essence of course is that Windows was originally just slammed on top of QDOS and then developed from there: A poor foundation. But the original intention was just to "get in the game" with an IBM box for hobby people to play with. And then marketing slammed their requirements for Ease of Use and Backward Compatibility and locked the Gate and prevented system engineers from replacing vulnerable mechanisms with reliable ones.Windows 10 S, however, has regular Administrator accounts, and those accounts are privileged. Those accounts can also run Word—and Word macros. With Administrator privileges, those Word macros can attack other processes on the system, enabling them to run arbitrary code without the security constraints that Windows 10 S is supposed to provide.
Marketing ran their reckless stampede and now corporations, and good folks across the globe find they have been trampled into the mud and have One Hell of a Mess to clean up.