I agree with jbiggley that it has to be watched, but if so, it can be effective to keep hardware costs down and reduce TCO. I think the technology needs a bit more along the lines of automation, but it is on the horizon as you mentioned in the original post. The pitfalls are there though. At my previous position, WSUS admin was one of my additional duties, and I was forced to skip patching one month due to a large datacenter move. The following month I ended up double patching, and it was a large repository of patches because we had multiple languages and operating systems to support. We used the DCs at our 40+ sites as the downstream servers to house and distribute WSUS patches, and when I approved the patches, they started replicating from the primary server.
What I didn't know is that the DCs were all thin provisioned, and this ended up being my first real experience with it. We had a product called Attention bolted on to our Solarwinds environment, and it had a mail collector agent running that we used to pick up system generated emails sent to a specific address, and I monitored this along with the Solarwinds environment. Well, I started seeing all kinds of storage disk alerts come in to the agent and got a bit worried. Minutes later, one of our VM and Filer admins called me up to say that the patches I approved were filling up the volumes at multiple sites. I was logged in to several of the DCs and had seen plenty of space on them, but didn't realize that on the backend, there was far less space available. I frantically turned off WSUS services at the sites to stop downstream replication until we could clear up some space. I also did some needed WSUS maintenance to clear out old patches, and we got it straightened out, but had we not been vigilant and monitoring, we would have had some major issues at multiple regions around the globe.