To rekindle this discussion, I took the liberty to rename this thread as Vince suggestion. This was triggered by a Microsoft Security Bulletin for a critical update I received today. I almost blew off the whole bulletin because it was just a document change for MS Exchange Server 2003SP2 - but then I saw under "Other Information",

Recognize and avoid fraudulent e-mail to Microsoft customers:

If you receive an e-mail message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious Web sites. Microsoft does not distribute security updates via e-mail.

That's probably obvious to all of us here, and 99% of the rest of us. But if a spammer sends 10 million fake notices out, that remaining 1% represents 100,000 potential compromised machines - new botnet armies ready to be used against us. Not good.

Anyway, to morph Dan's original question with Vince's suggestion- So why all the hype over critical updates if I practice safe computing? I guess the best answer is because it might apply to you - if not now, but later down the road. I agree with Vince, we are best advised to take the simple insurance, even if the risk is minimal. While the risk of infection may be minimal, it will never be zero. Should malware make it past all layers of our defenses, risk for potential serious damage could be huge, possibly life threatening.

So we need to update because it might apply some day is my "best" answer. However, I suspect much of the reason for the "hype" is biased IT Media and MS bashers taking another opportunistic bash at MS for another hole found in an 8 year old product. I say biased because NONE of these vulnerabilities can be exploited without first getting past firewalls, scanners, spam and popup blockers. This puts the monkey squarely on the user's back to keep them updated and running, and to avoid unsafe activities. And yet the "hype" would have you believe doom is imminent regardless the user's discipline.

I have never had a Microsoft update break this 6 year old P4HT3.06GHz machine. Several big ones have slowed it down, but that typically works itself out over the next day or so as all the security applications update and get in sync again - at least that seems to be the apparent pattern over the years. It is running better than ever so performance is not an issue either.

The only downside I can see to keeping the machine updated is disk space. That said, I only keep update files since SP3, and have deleted all the rest. But with 1Tb drives costing less than $90US these days, adding disk space is pretty easy on the budget.

So, if you want to control or just know what is going on with your machine (and I do), I recommend signing up for automatic notifications whenever Microsoft security bulletins or advisories are issued or modified. Then you can decide if an update applies to you, or if you need to install it now, or later. And there might be "other information" you find important too. Microsoft Technical Security Notifications.

I only have Windows notify me about updates & I have always installed most of the critical updates except for IE 7 on XP [I REFUSE to install that and have a very good reason not to]. I run both XP and Vista and the only update I've had a problem with was a vista update that caused the infamous stage 3 reboot cycle. I am very careful who accesses my computer and usually I'm the only one who needs it. Everyone else has there own computer and if I let someone use my computer they are trusted by me but still use a highly restricted guest account. I am also extremely careful what I do on the net and where I go but I'll admit that I could be even more careful than I am. In addition my default account is a power user; I don't run an administrator account even with UAC enabled. Right now all I have is Avira, zone alarm, and WinPatrol...and Firefox. All right call me paranoid but I don't give a but the last major virus problem that I had was on old 95 machine that I had back before I became a computer person.

In short if everyone was as careful as I am I believe that there would be almost no virus problems. I might be wrong about that but most of the few [at least percentage wise] computers infected are run by idiots that don't know or care about what they are doing on the net and aren't protected. Does that summarize things nicely? If only 1% of the billion windows users are infected that is still 10 million users who's computer(s) should be taken away but we wouldn't dare do that. Maybe we should fine those users to force then to get their computer fixed and legal. In short we will need to be paranoid until no computer is infected and all of the bad guys are in prison. But that'll never happen will it. And by the way don't for a second try to tell me that none of you aren't paranoid.

From PSI:

98 out of 100 PCs have 1 or more insecure programs installed!

Is this true? That seems to counteract everything that you have been talking about. Or are they just rying to scare us. Probably the latter. If that where true then it sounds like no one should use the internet.

Let me reverse the question...
Why NOT to install them?
If they eliminate only 10% of waiting for me threats, if I install them, I'm 10% less worrying.

I run IPTABLES Firewall and CLAMAV on my Linux boxes. I run No Scripts and Ad Block in Firefox. Even though I run Linux. I still scan Pictures and Music and Movies that I download so as to not infect my Wifes Windows machine when she asks me to copy something to flash drive or email something I found for her. CLAM AV works nicely for scanning individual files or the whole hardrive file system. So even though a Windows Malware exe. will just sit and do nothing on my Hardware. I still try to practice safe computing because in the long run it benefits my house hold.

I still try to practice safe computing because in the long run it benefits my house hold.

This is why I often tell folks to run malware scans on all their computers instead of just the one giving problems - malware tends to seek out computers in the "Trusted Zone".

No intrusions?! 0_o but why not add an additional layer of security by fixing with patches? Of course, though I'm not having enough patience to update regularly, I use Comodo Firewall. Note: I also do practice 'safe computing! :P

Just to throw out here.

What can a Netbook user with a small SSD hardrive do to keep from filling his drive up with proposed updates? I am just asking because Small SSD hardrives are prevalent/numerous and I have noticed in EEEPC forum that some Windows users disable updates to keep from filling up the drive.

Just figure it was something that hasn't been covered in this thread. And may be useful knowledge for Windows Netbook Users with lets say a 4 or 6 gig SSD drive.

I do know that some Netbooks come with a 12 gig SSD when Windows comes preinstalled. But some users. Unhappy with their Linux 4 gig surf. Nlite Windows XP and disable auto updates to save drive space on their Netbooks.

What can a Netbook user with a small SSD hardrive do to keep from filling his drive up with proposed updates?

Good question. I don't see they have any choice but to install the updates. And if they run out of room, buy a bigger drive.

The problem with computer security is it affects more than just you. If you fail to keep your computer updated and secure, not only do you risk compromising your computer, you become a risk to the rest of us.

Bottom line, don't buy a netbook, or any computer, that does not have enough storage space.

Originally Posted by Digerati

Good question. I don't see they have any choice but to install the updates. And if they run out of room, buy a bigger drive.

The problem with computer security is it affects more than just you. If you fail to keep your computer updated and secure, not only do you risk compromising your computer, you become a risk to the rest of us.

Bottom line, don't buy a netbook, or any computer, that does not have enough storage space.

I think that's the probably the bottom line to this question.
If your security is unknowingly compromised. Then the possibility to pass on the
problem to friends and family are very real.
rokytnji point about Netbook user with a small SSD hardrive disabling their updates is a very real problem. For the reasons laid out above.
For those self same reasons I believe that Linux user should have some kind of virus
protection too ensure that they don't pass on a virus/malware to friends/family
who have various versions of Windows.
In this question we really are our brothers keeper and we should not allow our
arrogance to compromise our/others security.
Because has Digerati rightly said We Can All Make Mistakes.