;-) As MikeyMike mentioned, the update is all done remotely, by Microsoft. This, then, is the reason that hackers can gain complete control of your machine remotely: Windows is designed to be controlled remotely. Hackers have figured out how to usurp the built-in remote controls from Microsoft.
An OS that supports locking out the fellow in front of it has merit in an office environment where the company handles sensitive data and theft is a real concern. However, the ability to lock out the end user is inappropriate in an operating system used in the home.
