[chunky1994]

I am assuming this is a bug, otherwise it would be a very weird move on apple's part. While they're usually pushy about updates etc. for anyone who uses defaults they usually respect user decisions.

I've dealt with the apple auth chain quite a bit and from the reports it looks like the earliest this started happening was Jan 10th with this notification "macOSInstallerNotification_RC" getting pushed to everyone on Ventura. Very likely the bug then make this appear as a required security update and auto installs it despite user input (I am not sure how many people without the install security updates toggle have also been upgraded).

Also if you have a firmware password on that is still needed for security upgrades so that's probably why there's a difference between password less updates and non-passwordless upgrades but that's just a guess.

[tumult]

This also happened to people on Monterey. Knowing how it skips password authorization, and also treats an 'X' click on the notification as "accept" (basically, there is no way to deny it, since the only other option in the dialog is to accept it) I would be surprised if it's a bug.

[dkarras]

it is a bug. apple does not do updates this way. there is no reason for them to surprise users like this.

[tumult]

I don't know about that. They've grown more and more pushy over time, including upgrade badges you can't get rid of normally, notifications to upgrade at random times, requiring clicks on underlined small blue text to install security updates instead of upgrading to the newest major release, and more.

From what you've said, Microsoft also has no reason to force or trick users into upgrading. Yet, they clearly do trick and force users into upgrading.