Is there such a thing? I don't think so - last time I checked, there was about 6 GB of MS-supplied malware trying to download and install itself on eeeeeeeeevery Win7 computer through Windows Update (where not prevented by technical means such as GPO or GWX Control Panel). So no, that's either a) a fictional requirement, or b) ignored by MS.

>requires Microsoft to specifically to ask the end user for permission to update/install files on the user's machine?

They're certainly not doing this with Windows 10.