True, but given that they're moving towards 'Windows as a Service' it's not hard to imagine that happening someday.

Except for the Server OS. That's already built to be pretty standalone (aside from updates and collaborating with other Windows Servers). The idea here is that future security vulnerabilities aren't being patched which means it'd be open season for hackers once new vulns are discovered.