In the past, I have dealt with IoT equipment made by a manufacturer that shall remain nameless here, but their solution was — like a lot of IoT solutions are today — based on Linux. Now granted, they had a quite nifty data exchange option via LoRa meshing. But updating both firmware and apps was a nightmare. You were constrained to your own network, so pushing out updates was your own responsibility, you had to do that per (sub) network, one by one, app by app.
Now this was (semi) professional sensing equipment, not intended for use by Joe and Jane Sixpack. The stuff that actually can be purchased by Joe and Jane is even in more dire straits. See, for instance, this horror story about smart locks. Or actually, dumb locks, as it turns out
Now, first of all, a lot of these manufacturers are at fault for delivering essentially insufficient safe equipment. What's even worse is that they refuse to fix it. But in the long run, they are actually right about updating the lock software. It makes very little sense, as most of the users won't update the lock (or whatever smart device they may have purchased anyway), either because they don't know how to do it or because they'd rather watch the Olympics or some other sports event du jour instead of reading obscure websites about security to keep up to date on the status of their smart lock, light bulb, or whatever other gadget they bought (or got from a well-intentioned friend or relative).
The only solution to this, of course, is that both the lock software itself and the firmware could be serviced remotely, without requiring the user to do anything. This would, of course, require some kind of secure communication protocol, centrally guarded... kind of like how a computer or a phone and its apps are updated. And wouldn't you know it, that is exactly what Microsoft is doing. Rather too quietly, in my humble opinion. (Maybe because it’s still in preview.) But this is a big deal, and I think it deserves a lot more fanfare.
Windows 10 IoT Core can already update itself, so whenever Microsoft adds new features or improves overall security and stability, the base software can be updated without affecting what is running on top of it. Now, by making the apps running on it serviceable as well, Microsoft is providing the ultimate solution for making IoT devices serviceable remotely and securely, without the user having to do anything.
Drawbacks? What if your lock is just about done rebooting when you want to go out (or in)? And then there's the age-old "quis custodiet ipsos custodes" — who guards the guards? You (and manufacturers) will have to decide whether or not they want to trust Microsoft — a company that has decades of security expertise, an enormous cloud infrastructure, and basically runs on selling trust — or just hope some random hardware dude does a better job and does it right the first time, because they cannot update their stuff once they have sold it.
I think the time is ripe for Smart IoT, and I applaud Microsoft for making this move. I once dreamed about it in a closed conversation with some Microsofties, and now it's coming true. No doubt my dreaming has nothing to do with it, but the fact that it has indeed come true is no less awesome.