With Windows 10’s release, Microsoft implemented a new method of acquiring updates via an integrated peer-to-peer system. This system enables you to share updates you download with other computers in your network or with completely unrelated computers on the Internet. Likewise, updates you receive might come from Microsoft, another computer on your network or an unknown user on the Internet.
Supposedly, Microsoft’s reason for this move is to optimize download speeds by downloading from the fastest available location and not requiring networked computers from downloading the same update multiple times. However, many users suspect the real reason is simply to reduce strain on Microsoft servers by deferring the bandwidth requirement to its customers.
Although there is merit to this feature, there are also considerable concerns. First, you are using your own bandwidth to provide a service for which Microsoft is responsible, and that is especially problematic if you’re on a metered connection where overages cost you money. Second, you are creating a peered connection with unknown computers, theoretically creating a privacy or security risk. Finally, any time you download files from a peered source, you run the risk of viruses or spoofed packages. Surely Microsoft has considered the latter two issues and has likely taken precautions, but the threat is an unacceptable non-zero risk with virtually no upside.
Unless you’re feeling altruistic, you might consider disabling shared updates or at least restricting them to trusted computers on your own network. This option is buried deep in the system settings, which might make you wonder how badly Microsoft wants you to keep it enabled.