[nknighthb]

A check for necessary updates should simply be part of someone's regular, preferably daily, routine. It's a basic cost of doing business.

The manpower necessary is not enormous. Any particular security update has a relatively small chance of requiring prompt installation on a particular production service. On the unusual day you're struck by lightning, you pull out the relevant emergency plan and begin executing it.

[jiggy2011]

Remember that a lot of small to medium sized websites are maintained by part time freelancers and don't have anything resembling an ops team, there's nobody being paid to do the day to day running of the servers.

In such a situation it's probably safer to at least have automatic scheduled patching against deadly vulnerabilities and accept that occasionally that might break something.

Of course that wouldn't apply in apple's case.

[nknighthb]

You're positing a scenario that shouldn't occur in the first place. Such a website should be on a shared or managed hosting service, or alternatively, there are companies that will, for a reasonable monthly fee, perform basic routine maintenance such as this on your servers.

If you want to completely mismanage a server you depend on for your livelihood, I can't stop you. All I can say is you're doing it wrong.

[jiggy2011]

Running on shared hosting doesn't solve this and introduces a bunch of other issues, you still have to worry about wordpress installs or whatever.

There are a lot of poorly managed VPS out there, these would be better served applying security fixes automatically.