Aforementioned security vulnerabilities don’t strike as a potential reason to you?
Friend, considering the supply chain attacks going on these days, automatically updating everything, immediately, probably isn't the perfect move either.
You need to automatically update from a trusted source. That source better audit and update constantly. Which is hard.
Ignoring the real benefits of security updates to prevent the unlikely event of supply chain attacks sounds like a weird tradeoff.
Friend, considering the supply chain attacks going on these days, automatically updating everything, immediately, probably isn't the perfect move either.
You need to automatically update from a trusted source. That source better audit and update constantly. Which is hard.
Ignoring the real benefits of security updates to prevent the unlikely event of supply chain attacks sounds like a weird tradeoff.