Or, like EVERYONE tells you to - backup your damn machine. P.S. If your backup doesn't get you back to exactly where you were last week, it's not a backup, just a bad data copy.
Also:
https://4sysops.com/archives/d...
However, for years, people have mocked my decision to NOT have auto-updates turned on. I only press update when I know that my machine is backed up, there's a fix I need to deploy, and I have the time / willingness to do it.
No, my machine doesn't have viruses etc. (I've had precisely one in my life and that was from a demo copy of Sin on a PC magazine coverdisc - which shows you how long ago that was!) because I abide by simple security practices that mean Windows doesn't NEED to run lots of random third-party executables to do what I want.
There's a reason that MS *can't* block WSUS for business users being used to stop automatic updates for Windows 10. Because we'd tear their fucking heads off. Windows updates have caused shit like you describe since their introduction. Sure, most people won't notice, but if it only happens to 1% of computers regularly deploying updates the chances are that none of your friends will have had those problems. But similarly, with the same odds the chances are that in any large deployment AT LEAST one machine will fuck up from automatic updates every month. Fuck adding that to my IT burden.
In work the other day, one of my users was accidentally given a brief window when they could receive updates from Windows Update instead of WSUS (I'd accidentally pulled them out of the client group on WSUS while looking for a test machine). In that short opportunity, it took it upon itself to update from 8 to 8.1, thereby breaking the finance software that we use permanently. Additionally, the desktop now gets a crash in in a mp4 video dll every 10 seconds that you can't stop crashing without reverting the update associated with it. Seriously, no newer patch fixes it or I'd deploy it in a second. And I had to give them RDP to a plain Windows 8 machine to finish their finance stuff temporarily while I revert their config.
Seriously, automatic system-level updates without user interaction is the most stupid fucking idea in the history of bad ideas, not to mention not being able to PERMANENTLY say no to a particular update, and having NO proper way to system restore to a point before the update applied and stop it (in the majority of cases - I've yet to see system restore do what it promises but I've dealt with lots of users have accidentally restored their personal laptops back to factory settings or unrecoverable states using it!).
If you work in IT and haven't yet realised this, I really pity you. Servers, internet-facing services, maybe but there you have the tools to deal with this crap and STILL shouldn't be blindly pushing updates anyway.
Unmanaged clients that aren't eligible for WSUS because they are home-use? Back those fuckers up and turn off automatic Windows Update.