In my job, I am classed as a "System Administrator", although in reality I am not an SA, but it puts me in the position of receiving automated emails advising of very specific vulnerabilities of various Computer Operating Systems and commonly used Software Packages. I personally do not favor any OS, Windows, or Unix in all it's flavors (including MAC). I don't care. I can only say that if you are a registered user of any software at any level on your PC and you receive a VALID NOTICE to accept an update of any kind, it will probably include a security fix, and you should not ignore it.
If your OS includes to ability to automatically accept updates, and schedule the timing of the updates, set up the times that your system will accept them, and make sure that your PC is up and running and connected to the internet during those times, so that you will not miss them. My PC is never turned off.
Online security is a very complicated issue. ANY SOFTWARE running on your computer can be vulnerable to hacker/virus attacks, not just your chosen brand label or OS. Don't be complacent. Use a hardware router, run a firewall/virus protection software package, understand "social engineering" and avoid allowing bugs into your system thru email.
Now: The following is My Own View and may or may not have anything to do with reality. Microsoft takes great hits by being so openly public in acknowledging and fixing their vulnerabilities, yet they do. I have to ding them for having the problems in the first place, but at least they openly fix them when they are found. Apple's web site used to have a long list of various security fixes to their software, but IMHO they are now perpetuating the "it can't happen here" idea on their web site, by making the whole issue of update and fixes very vague. (look at their "support" tab on their web site). Apple's OS is a very proprietary version of Unix. Unix, Linux, et. all don't like to admit that they contain security holes just like MS, but they do. I see the warning emails daily. I realize that this can be very controversial and that there are many more versed in the subject of online security than I am. /end of My Own View.