"Scott" wrote

| If the problem is urgent, I prefer the solution to be urgent also. I
| cannot assess whether the problem is urgent so I follow the
| precautionary principle.

That makes sense, but it's not as simple as it
might seem:

https://www.infoworld.com/article/28...meltdowns.html

The URL explains the link. (The page is faulty. It's set up
as some kind of idiotic slideshow. If you don't see the article
try View - Style - No Style.)

In other words, it makes sense to always fix problems
as soon as possible, but that assumes what you apply
is actually a fix. Often they're not. (Sometimes "fixes"
are cosmetic.) And it assumes the fix doesn't create its
own problems. Often they do. Sometimes quite serious.
So it's actually quite dangerous to just let Microsoft
deliver a dripfeed of system changes and to assume that
it's all "e-goodness".

Further complicating things, Microsoft want everyone
to allow them to alter the system at will. With that in
mind, they've become even more opaque about details
of patches than they used to be. So it's not easy to know
what patches are doing.

I always disable Windows update and only apply
service packs, well after they're released. But that
also runs a slight risk, of course. On the one hand, I
didn't have my computer bricked last week by
Meltdown/Spectre patches. On the other hand, if
I decide to enable script online I may be at slightly
increased risk due to not having all the latest patches.
While many attacks use 0-days (patches are of no use)
some attacks exploit patched bugs, hoping to snare
people who don't have the patches.
Neither risk is extreme, the risk of dripfeed updates
or the risk of delayed updates, but both are real.