If the OEM hadn't messed up and reused UUIDs, it would be "Microsoft letting companies do whatever they want with their device", which is not unreasonable. OEMs reusing UUIDs for some ridiculous reason is breaking down the chain of "whose device is it".

Forget about the OEM. If you find out someone else's UUID you can spin up a VM with your UUID set to theirs and then add it to your system and brick their machine?

Mistakes happen. It is inevitable at scale. So maybe we need softer recovery processes?