Trust nothing? Too late for that!
"To your correspondent's mind, Microsoft's stance flies in the face of years of sensible security advice to trust nothing. Asking users to just swallow Windows 10 updates is very hard to consider as best practice."
The moment you decided to run Windows, you trusted Microsoft with total control of your PC.
Sure, you will find cases where an update borks something you were rather fond of, such as the ability to run your workloads, but that *is* (tin-foil hats notwithstanding) accidental and the vast majority of updates *do* protect your machine against attacks (that are, these days, often reverse engineered from the published patches).
If you have to time and energy to deploy patches on a test system to check for accidental damage, feel free to do so. But refusing to install a patch just because MS didn't publish a KB article about it makes no sense when you happily installed the entire OS without any end-user documentation (let alone source) at all.