I will apply all the patches that the vendor supplies in an automated way where possible and, where not, as soon as is practical. While it is true that a vendor could screw up a patch, it is also true that my hard drive could die, malware could get on my system, another hardware or software problem could corrupt my data, or I could just screw up and delete data myself.
To protect myself from any of these occurrences, I keep regular backups. I take these backups at a frequency similar to the amount of data I am willing to lose in the event of any failure (including "evil" actions on behalf of my OS vendor). For me the frequency of backups is generally daily.
Note that I use the term OS vendor instead of Microsoft here; this is because I run several computers with several operating systems (Microsoft, Linux(es), others), and I have had them all screw up a patch.
Since I have chosen not to write or personally review the source code for all the software I use (because I don't have that kind of time), I choose to outsource that work to several vendors, one of which is Microsoft. Yes, there are risks to running software from Microsoft (or any other vendor); Microsoft may not have my best interests in mind. However, their software meets my needs, and I have made the calculation that the value the software provides outweighs the risks.
Security-only for servers, with one or two full rollups per year (in low-demand periods, with full en-garde vendor support).
And full rollups monthly for desktops, but in waves, over one or two weeks, starting with less critical groups and moving onwards in criticality (or, alternatively, with canaries in each and every group, and moving onwards to the rest of the respective teams).
And all this backed up (pun intended) with full backups (bare-metal recovery ones right before 'em patches).
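As an added illustration of the desktop strategy described in the post above (not code from the original thread), here is a small rollout planner: it holds back any host whose bare-metal backup is older than the allowed age, picks a canary from every group for the first wave, then schedules the remaining hosts group by group from least to most critical, spread over roughly two weeks. The host names, groups, criticality scores and backup timestamps are constructed sample data, and the function names are my own.

```python
"""Staged patch-rollout planner (added example, not from the original post).

Models: canaries in every group first, then the rest of each group in
criticality order, and no patching of a host without a fresh bare-metal
backup. All hosts, groups and timestamps below are constructed sample data.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Host:
    name: str
    group: str
    criticality: int                 # 1 = least critical, higher = more critical
    last_bare_metal_backup: datetime


# Constructed inventory (hypothetical hosts).
NOW = datetime(2024, 3, 4, 8, 0)
INVENTORY = [
    Host("lab-01", "lab", 1, NOW - timedelta(hours=6)),
    Host("lab-02", "lab", 1, NOW - timedelta(hours=7)),
    Host("lab-03", "lab", 1, NOW - timedelta(days=9)),      # stale backup: held back
    Host("hr-01", "hr", 2, NOW - timedelta(hours=5)),
    Host("hr-02", "hr", 2, NOW - timedelta(hours=5)),
    Host("fin-01", "finance", 3, NOW - timedelta(hours=4)),
    Host("fin-02", "finance", 3, NOW - timedelta(hours=4)),
    Host("fin-03", "finance", 3, NOW - timedelta(hours=3)),
]

MAX_BACKUP_AGE = timedelta(days=1)   # "right before 'em patches": at most one day old


def backup_is_fresh(host, now=NOW, max_age=MAX_BACKUP_AGE):
    """A host may only be patched if its bare-metal backup is recent enough."""
    return now - host.last_bare_metal_backup <= max_age


def plan_rollout(inventory, canaries_per_group=1, now=NOW):
    """Return (waves, held).

    waves[0] holds one canary per group; later waves hold the remainder of
    each group, ordered from least to most critical. held lists hosts
    skipped because their backup is stale.
    """
    held = [h.name for h in inventory if not backup_is_fresh(h, now)]
    by_group = defaultdict(list)
    for h in inventory:
        if h.name not in held:
            by_group[(h.criticality, h.group)].append(h.name)

    canary_wave, rest_waves = [], []
    for key in sorted(by_group):                 # least critical group first
        names = sorted(by_group[key])
        canary_wave.extend(names[:canaries_per_group])
        rest_waves.append(names[canaries_per_group:])
    waves = [canary_wave] + [w for w in rest_waves if w]
    return waves, held


def schedule(waves, start, spacing_days=3):
    """Spread the waves over the rollout window: canaries on day 0, then one
    wave every spacing_days so problems surface before the next group."""
    return [(start + timedelta(days=i * spacing_days), wave)
            for i, wave in enumerate(waves)]


if __name__ == "__main__":
    waves, held = plan_rollout(INVENTORY)
    for when, wave in schedule(waves, NOW):
        print(when.date(), ", ".join(wave))
    print("held (stale backup):", ", ".join(held))
```

The three-day spacing is a tunable: with four waves it lands the last group on day nine, inside the "one or two weeks" window the post describes, while leaving each wave long enough to notice a bad patch before it reaches the more critical groups.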