ARM != IDIoT
Microsoft also gets the benefit of an even wider net to catch various bad actors. Now, Redmond can tell its enterprise customers it monitors IoT devices and can catch those high profile botnets and big news threats. Getting potentially billions of new info sources under the umbrella will only help Microsoft sell its other big-money security products.
Everybody has an enormous net to snag botnets, just leave a cheap device open on the net, and monitor it. Years ago I ran a honeypot at home, and attacks on an anonymous IP connection were 500-1500 per day. Mostly it was from my network neighbors.
Just because something is running on an ARM processor, doesn't necessarily make it an insecure device. It's how the developers quickly slopped an implementation together, and threw it out the door. I do trust everybody saw the article about the casino hack through the fish tank thermometer?