About once a month, when Microsoft announces its list of security issues and associated fixes or application updates, I'm reminded of what a hard job managing change can be. In many instances the chaos that can remain dormant for the preceding thirty days, gets a chance to be front and center. For the teams that control these updates, you know the deep sigh that comes from pushing something out. That hesitation comes from experience with updates appearing benign on the surface, then quickly bringing your organization to its knees.
Unfortunately, I just can't believe either of these claims to entirety. Yes, an opensource OS would likely prevent core malicious attacks. But, there are plenty of updates to install, which can continue to have a negative impact. As for the ease of unified updates provided via the cloud, well it could certainly remove the chaos associate with rollouts and updates. At the same time, what updated, and when did it update. Many cloud vendors lack the clarity needed in communication that we have come to expect from software partners like Microsoft.