Sadly this no longer works for Microsoft domains. Had Windows Defender mark my host file as having a 'severe' issue just because I copy pasted a list of Microsoft telemetry domains (1). Everything worked perfectly fine before that update.
I use DNSCrypt (SimpleDNSCrypt in Windows). It has extra features like wildcards for blocking subdomains. It doesn't touch your hosts file so it should bypass that.
