I suppose the counterargument there is "Win10 is not the security I want". IMHO I would define "security-only" --- or perhaps "critical-security-only" --- to be fixing remote code execution (e.g. WannaCry, various IE exploits, if/when anything is discovered in TCP/IP stack, etc.) and very little else.