Yes. There are two different lessons here. First, auto-installed patches can be a bad thing. Second, technology where patches are hard to install or uninstall is very dangerous, especially in production environments. (That latter was, as I recall, one of the issues with the Struts vulnerability that was used to hack Equifax some years ago.)
https://mastodon.laurenweinstein.org/@lauren/112813420749045364