I'm still confused about the terminology. Please, can you confirm and/or fix my interpretation?
- critical: not a security fix, but something seriously broken is fixed here.
- security: a security fix, something seriously broken is fixed here and a security hole is closed.
- cumulative: just use this if you have missed a lot of stuff and you have a long queue updates otherwise. Download this bulk huge fatty thing and align with upstream.
- all other types... really too many types here, do they really worth?
Now the second question.
Having an hyperv server 2016 should I need to install critical fixes? I mean: if I do not notice any misfunction should I patch? to me it is right to patch as you never know when a critical bug will hit your usage.
Also, as a general rule I patch manually and I always require recommended updates only. Then I choose what to install.