Pending Restart...even after Restarting

Not sure what Mouse Trap is, but here we feel like we’re playing Whack-a-mole 🙂

Even most of our Windows servers have had to be restarted multiple times in order to become compliant. At this point we perform a restart when entering our maintenance window if a restart is pending, as well as permitting an unlimited number of restarts during the three-hour maintenance window that the server owner can define.

That being said, we do limit the retry rate on patch baselines to 3 times so that we don’t end up rebooting excessively, and we also monitor our patch pilots very closely to catch issues before they go to production.

But yeah, Microsoft patching has gotten a lot more convoluted over the last year and a half it seems (some would say the last decade, I’m sure), and reading the known issues part of the rollups in particular can be critical to efficient patching.

With the above efforts (longer maintenance windows, reboot prior to window if needed, up to 3 reboots in the baseline) we have been able to reach compliance for the vast majority of endpoints the first time we patch, but it’s definitely been a long, iterative process.