doesn't it come as a matter of knowledge that updates are going to come with any operating system? never had an apple product, but i'm sure they have patches / updates / hotfixes and the such. i've used a few different distros of linux and those operating systems too, have patches / updates / hotfixes too.
windows seven had a very successful beta (testing) run according to microsoft, but does that mean that they released a finished product that will work right in every machine, with every user without having to provide some back-end support via patches / updates / hotfixes?
i'd much rather have microsoft update automatically download its "bloat" than to have a hacker with much more knowledge of the operating system than i, exploit my system--no matter how slight of a chance--than to leave my system naked because i think (even if i searched the definition of a particular update) that the update is not needed and is bloat.
on the other hand, though, if microsoft update has an update that states (cannot think of anything more specific): "...update to fix vulnerability with so-and-so's vpn client," and i don't have a vpn client installed on my machine, then i can be pretty damn sure that i don't need that update (again, i couldn't think of anything more specific and that was the first thing that popped in my mind)
just my two cents