Sure, and there is the possibility of free-as-in-freedom libre software-as-a-service. And web APIs that are free software. The OpenStreetMap API, for instance. The software that runs it is open source, the data is freely licensed, the system that it runs on is open source (Ubuntu Linux, Apache, Ruby on Rails)...
no, I mean free in the libre sense.
There are plenty of free SaaS providers out there, basically anybody who provides git hosting, apache/php hosting, wordpress hosting or email hosting (using a free stack) is doing this.
I think that yes, he means the software update. I'm afraid you're mistaken on where the defaults lie, though.
An out-of-the-box Windows will download and install the software and then automatically reboot the PC. You have to explicitly change the settings to avoid that.
On Fedora, Ubuntu, Arch and Mint (the desktop distros I've used at one point or another) you will be notified that the updates are available but you have to explicitly say that you want them installed. If they require special privileges, you will be asked for a sudo password. If they require a restart, you have to approve it explicitly as well.
It is a back door because the user (even a sophisticated one) has no visibility into what's being installed (all the information the user sees is being controlled by Microsoft and the user has no way to verify it because of the closed nature of the system).
This means that fundamentally, the user has to trust Microsoft every time time an update is being rolled out. And as any other large corporation, Microsoft doesn't always do things that are in the best interest of their users.
Mind you, this is the back door that we know about. I don't want to go get into the conspiracy territory, but one of Stallman's points is that the user really can't know whether there's a hidden back door or not. And even if there isn't one now, they can use the Windows update to put it there.
Richard Stallman feels very strongly about this. Others may not. Depending on which side you're on, you may either make this a big deal or say that Microsoft (or anyone breaking and hijacking the system) is trustworthy so this is nothing to worry about.
How you talk about the facts is retorics. But at least on this subject he's not saying anything that isn't true (he may be bending the truth on other issues -- I haven't read the article so I can't honestly say).