No one should be foolish enough to trust Microsoft with anything regarding security. They showed time and time again over the past 40 years that they don't care.
Have you bought a PC in the last 10 years? Then it came with Microsoft's secure boot keys on it. Sometimes it's not even possible to remove or disable them. Sometimes you actually need a Microsoft-signed bootloader shim to boot anything that isn't Microsoft.
loading story #48460155