Decades of force-feeding users unwanted features has trained them to not install updates. I know most people in my family flat out refuse to update software because they're afraid the developers will have decided to re-do the UI again, or move menu options around, or just break major functionality. So because we, as software engineers/companies, can't resist the urge to keep changing things and doing endless re-designs, end users are trained to not get the vital security updates they need.
As an industry we need to get better. A software update should mean things like "improved performance" and "better security", not "totally different UI" and "20 features nobody wants". If users really want the new shiny, it should be optional.
> re-do the UI again, or move menu options around, or just break major functionality.
...or reduce performance on otherwise perfectly good hardware, possibly due to the those changes or the "20 features nobody wants".
I'm a computer professional, and even I have this anti-update attitude for exactly that reason. At least I have the competence to mitigate the security risks through other means, but I can't well recommend anyone else do the same. To quote Tom Lehrer, this makes me feel "like a Christian Scientist with appendicitis".
As an industry we need to get better. A software update should mean things like "improved performance" and "better security", not "totally different UI" and "20 features nobody wants". If users really want the new shiny, it should be optional.