I write about patches and updates a lot, but making sure you get the updates from legitimate sources is essential. Do not create a cyber security issue where none need exist.
Always go the the vendor’s official sites – double check the URLs – or go through the “update” options in the software. Do not follow links from third party sites!
Hacked sites caught spreading malware via fake Chrome updates (bleepingcomputer.com)