This takes "Single Sign-On" to a whole new level...
It's not about blaming Microsoft or any one vendor, but questioning why our systems are architected so a single platform can wield this kind of control in the first place.
We've written up a perspective on the broader implications and proposed how identity could be built differently. Full disclosure: we're the researchers/devs behind this piece, sharing our own analysis (hopefully this isn't taken as promotional to our non-commercial solution)