Microsoft should know better too, but they're EULAs try some really stupid stuff too. Actually, I think there are quite a few companies in this boat. Oracle used to (haven't checked lately) require some lengthy notice for any reviews involving transaction numbers they didn't provide.
I think until more lawsuits like NY vs McAfee occur, Marketing and Legal teams are gonna keep writing the crap we never read.