I don't like the all-in-one updates either, but there are a few reasons why they did them - Two major official ones and I suppose, one unofficial reason spring to mind.
The official ones are:
- When you install a new instance of the OS, you will no longer have to go through the rigmarole of installing a large number of updates (frequently 100+) reboot, a few more, reboot, another 50 etc, until all are consumed. When a OS has been around a few years, that process can take a day of leaving a new PC updating before it's ready for use.
- Stabilty - If everyone is running the latest code, then there should be less room for incompatible versions of different files to cause trouble when they interact in unexpected ways.(well that's the theory anyhow).
And the unofficial one - not haveing to think about those version compatibilty issues must make Microsoft's job in maintaining the code easier as well as testing changes (apparantly they do try!) - I would imagine that it reduces their costs in a big way.
Another thing to note. The February updates were supposed to be the first time that they started rolling older updates into the cumulative updates for Win7 tand 8.1 . Up until now, the new cumulative updates had been based on changes from October '16, with all ealier updates still issued discretely. This month was supposed to have been the previoudly released 'Cumulative Oct '16 to Jan '17' updates , the new Feb '17 updates and and some updates from earlier than Oct '16. Over several months they are planning to roll all older patches into the cumulative update.
There are also issues for companies running WSUS servers - the conventional WSUS packages dont handle the CU's very well. MS recommend enabling Express updates but doing so increases the WSUS content folder size on the server many times (old way, typically around 400GB - with express updates enabled, 1TB or more (and server grade storage is not cheap!).. Arrgh!!!!.. Then of course you need to develop and test a new updating strategy, and then you find that MS categorise the "Security only" versions updates the same as the "Security and Quality" versions of the updates, making it impossible to distinguish between them when automattically approving updates in WSUS (before anyone says anything - I do NOT leave server updates on auto approve!!!!, but I do manually run approval rules then tweak the results).
Of course there are the other issues about not being able to duck individual patches, not documenting the changes sufficiently etc...
All in all, a (partially) well intentioned, bad idea.
Edited by x64, 16 February 2017 - 04:28 PM.