All software contains bugs, whether it is an operating system or tiny app. In some cases, those errors can be leveraged by criminals to gain access to a system, so they must be fixed. This means updates and patches are an important security measure because they usually signal that a serious bug has been found. Hackers often pore through patches to find out what the original flaw was. If they find an unpatched system, they then know they have an effective entry point.
Thus, patches and updates to an OS should be applied as soon as possible. Most systems today do this automatically, but you must ensure that automatic updates are enabled on each device. If there is a reason to not update a machine, take additional steps like disconnecting it from the network until the patch can be applied.
Although automatic updates usually are fast enough, there may be instances where a particularly severe vulnerability has been identified. If you become aware of such an issue, go into the OS and manually update to be sure there is maximum immediate protection.
Operating systems are constantly being updated and new versions arise. Although Windows, MacOS, iOS, Android and Linux will continue to update and provide patches for older versions for some time, this period is not infinite. In as little as a couple of years, a system may not be getting new security patches, even though bugs or security flaws might still be found. Be particularly careful if using non-current OS versions. When necessary, the OS or machine might have to be replaced to avoid a vulnerability.