So Microsoft decided that to improve the overall quality of Windows, and to reduce the overall complexity of the patching process, they would rework the patching process altogether with Windows 10. Let's explore these changes in more depth. Patches are now divided into Quality Updates and Feature Updates.
These so-called Quality Updates are a single monthly cumulative update containing security fixes, reliability fixes, bug fixes, and so on. These cumulative updates supersede the previous month's update. Normally, they contain no new features. Beginning with Windows 10 1703, there will be one mandatory cumulative update on the second Patch Tuesday and possibly multiple cumulative updates throughout the month with added non-security content. To stay on the secure side, you need to at minimum deploy the second Patch Tuesday portion. The other patches can be optionally deployed on some or all systems.
Feature updates are done twice per year, each spring and fall, with new capabilities. Feature updates are technically simple deployments using in-place upgrades, driven by existing tools with built-in rollback capabilities. New features can be tested with Insider Preview.
Each Quality Update raises the version number of your Windows 10 release. You can see the Quality Update release build number as the last set of digits of WINVER.exe (for example, 540). The feature update raises the version itself (for instance, 1703) and the build number's first set of digits (for example, 15063). The SKU of Windows 10 is in the 4th line (for example, Windows 10 Pro).
A comprehensive and always-updated list with content of each cumulative update can be found at the Windows 10 and Windows Server 2016 update history page at https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history.
A Windows 10 release information page with a table containing all build numbers, release dates, and KB entries can be found at https://technet.microsoft.com/en-us/windows/release-info.
As cumulative updates (CU) are now all or nothing, it is no longer possible to exclude single patches if they break something in your environment. Due to always fully patched systems, there should be a reduced risk of incompatibilities, but it is still possible. So you should pay special attention to the second Patch Tuesday CU and test/deploy it as fast as possible as it contains new security fixes. If there are any problems, report them to Microsoft right away so they can fix it. Meanwhile, you can only uninstall/not deploy this CU and risk the security flaws. When you uninstall a CU, your system automatically falls back to the last installed CU version. For non-security parts, you can test 1-3 extra CUs per month.
These Quality Updates can grow very fast to sizes of 1 GB and more. To reduce the WAN traffic and/or workload on your on-premises servers, you need to configure the Delivery Optimization (when using WU), BranchCache (when using WSUS), SCCM peer delivery (when using SCCM), or the solution-specific peer delivery (when using third-party).