With Windows Update removed, and no way to patch the system without a full reinstall, I would not use ameliorated.info in any important capacity. The complete unability to patch zero-days makes it very unattractive. They recommend to just take admin privs from the default user. If you're this serious about privacy, use Linux. If you NEED Windows for a program, use a VM and nothing else. If you NEED Windows as your daily-driver... then you shouldn't be risking your daily driver with this. The ONLY update you can apply is simply to just reinstall the operating system. I do appreciate this kind of stripped-down build procedure, but fail to see a good-enough use case.
> Furthermore, as touched upon on the main page, 94% of critical Windows 10 vulnerabilities can be mitigated by revoking administrator privileges from the default user.
I'd just like to touch upon that 94% figure. It's from this source[0], which actually says:
> Of these critical vulnerabilities, 94% were found to be mitigated by removing admin rights, up from 85% reported last year.
It's a very fine line, but they're mitigated by not running stuff as admin, not just removing admin rights from the main user's account. With Ameliorated, people will still want to set up software as admin and install to Program Files, so if they take the advice from the FAQ, they might think they're fine just having a separate Admin account they use for UAC pop-ups to install the programs, while leaving their main as a standard user, which is indeed not going to solve any zero-days compared to users just being able to click 'yes' at UAC.
> Furthermore, as touched upon on the main page, 94% of critical Windows 10 vulnerabilities can be mitigated by revoking administrator privileges from the default user.