Microsoft has already included telemetry (what some call spying) in the same "security" updates that are necessary to get Windows Update working at all.
Each "security rollup" has a KB number, even though it contains more than one update, according to this article at Technet.
*** More on Windows 7 and Windows 8.1 servicing changes ***Supposedly the "security rollups" were Microsoft's answer to "fragmented patching.
But this "Woody on Windows" article at Infoworld explains how "fragmented patching" actually came about, and how it was Micosoft's fault:
*** Blame Microsoft--not users--for fragmented patching in Windows 7 and 8.1 ***The "rollups" are Microsoft's answer to Windows users selecting which updates they want in order to avoid telemetry (or in the past, unwanted Windows 10 installation). Since Microsoft has mislabeled telemetry installation as a "security update" in the past, there's no reason to think they won't include it in the "rollups." From Woody's article...
Then Win7 and 8.1 customers got hit with a double whammy: The "Get Windows 10" campaign and the further encroachment of Microsoft snooping. Patching has never been the same since. Customers started implementing defensive patching strategies -- protecting themselves from Microsoft's advances -- and the nature of patching changed completely.
There's fragmentation, but it's largely predictable and almost entirely dedicated to the idea of keeping Microsoft's hands off their systems.
I see two general camps of Win7 and 8.1 defensive patchers. On the one hand, there are people who will only install clearly identified security patches. On the other, we have people who have followed (or developed) long lists of patches that should be avoided to deflect Microsoft's privacy incursions. Many people refuse to install patches that are specifically designed to make the transition to Windows 10 easier: They bought and paid for Win7, and they don't want Win10.
Patch blocklists abound -- and no longer just among the tinfoil hat wearers. They reflect a genuine concern about Microsoft's new telemetry activities: the Diagnostic and Telemetry tracking service, for example; new telemetry points/snooping stations; and Visual Studio Application Insights. Many Windows 7 and 8.1 users don't see any reason to let Microsoft (or app developers) snoop any more than they already do.
So yes, there is fragmentation in patching now. But I don't think it's a case of Win7 users deciding that they want to support the Azerbaijani manat or skip the daylight savings time updates for rural Egypt. The fragmentation that's developed has a pattern, and it's due to Microsoft's intrusiveness.
Now that the "Get Windows 10" campaign is over, Microsoft has a golden opportunity to mend some fences and pull the extraneous garbage out of Win7 and 8.1. A couple months' of healing patches that get the Win10 junk out of Win7 and reduce the telemetry incursion would do wonders to reduce the fragmentation.
I don't expect that to happen. Instead we're going to see Microsoft consolidate its snooping efforts under a new banner, with fragmentation cast as the boogeyman.
Here's Woody's advice for operating the new patching system.
*** How to prepare for the Windows 7/8.1 ‘patchocalypse’ ***So if you're not worried about Microsoft "spying" you can use Windows update.
If you only want the security updates you have to download them manually.
The link to Woody's article on how to browse the update catalog is here
*** How to check the Microsoft Update Catalog with any browser ***So manual patching to avoid anything that might include telemetry has become much more difficult.
Of course if you trust Microsoft and don't care what information they might be collecting about you or your computer, or who they "share" the information with, you can get patches from Windows update.