You guys should see the massive list of DNS requests windows sends out during startup...
dns.msftncsi.com
ipv6.msftncsi.com
win10.ipv6.microsoft.com
ipv6.msftncsi.com.edgesuite.net
a978.i6g1.akamai.net
win10.ipv6.microsoft.com.nsatc.net
en-us.appex-rf.msn.com
v10.vortex-win.data.microsoft.com
client.wns.windows.com
wildcard.appex-rf.msn.com.edgesuite.net
v10.vortex-win.data.metron.life.com.nsatc.net
wns.notify.windows.com.akadns.net
americas2.notify.windows.com.akadns.net
travel.tile.appex.bing.com
Bing
any.edge.bing.com
fe3.delivery.mp.microsoft.com
fe3.delivery.dsp.mp.microsoft.com.nsatc.net
ssw.live.com
ssw.live.com.nsatc.net
login.live.com
login.live.com.nsatc.net
directory.services.live.com
directory.services.live.com.akadns.net
bl3302.storage.live.com
skyapi.live.net
bl3302geo.storage.dkyprod.akadns.net
skyapi.skyprod.akadns.net
skydrive.wns.windows.com
register.mesh.com
BN1WNS2011508.wns.windows.com
settings-win.data.microsoft.com
settings.data.glbdns2.microsoft.com
OneSettings-bn2.metron.live.com.nsatc.net
watson.telemetry.microsoft.com
watson.telemetry.microsoft.com.nsatc.net
Those are all seen on a clean install at first run with nothing going on, and a lot of them from my understanding are also hardcoded into the system in the event DNS lookup fails.
Back to the original topic, I now know those updates are potentially updates related to M$ putting the same spying junk that's in Win10 onto Win7 machines. WSUS has been working fine with Win10 recently aside from it reporting the Win10 machines as Vista... Still...