Obligatory premise: I am absolutely in favor of vaccines (for us humans and also for animals), I am vaccinated as are my children and grandchildren.
Working with computers for some time I have seen that you can catch "diseases" (viruses, malware, etc...) and that the antidotes/vaccines are security patches and antivirus/antimalware updates.
Probably patches and updates do their job adequately on most IT applications: they generally protect the computers to which they are administered, be they PCs or servers.
However, having to do mainly with used computers at the factory, I noticed that these "medicines" are not always useful and often cause "undesirable effects" and they can have important "contraindications" and "adverse effects".
In these days, the VACCINES for which I have more than one doubt are the patches proposed by Microsoft from other hardware and software vendors to counter possible threats surface with vulnerabilities Meltdown and Specter of which in this period there is much talk (even in newspapers and on television): they have been discovered on computers on which Intel, AMD, etc. microprocessors are mounted ... in the last 20 years.
The Patches released by Microsoft essentially serve to counter the security breaches that could be used to eventually maliciously extract confidential information such as passwords or other information that has passed through reserved memory areas. This is in case there were "unauthorized" connections to these computers.
From various sources it emerged that such patches are sometimes absolutely incompatible: may cause some applications to crash used normally at the factory (Eg OPC Clients and Servers) and also the blocking of the system itself (with the classic blue screen), making the system unstable and unusable.
Now, we know that an unusable office system generally does not cause damage, except that those who should use it are unable to do their job, and possibly not provide a service to those who expect it.
But in the factory or on an infrastructure (aqueducts, airports, etc…), a system that controls and operates a machine or plant, if it doesn't work and is unstable and "out of control", can make the machine or the plant itself, with consequent interruption of the service provided and/or lack of production.
At times, the slowed down or unusable control system can make the plant “dangerous”: the risk can come from possible damage to the plant itself, to the environment or even to people.
This is why sometimes it's better not to treat the patient and not to inoculate the vaccine (the patch): the risk is lower!
Protection strategies must follow different paths. Definitely different from those used for IT Security.