Security risk, O RLY?
Let's say MS produces buncha' patches, and some third-party wants to distribute them. Now there's the obvious possibility that this very evil and untrustworthy third party tampers the patches to include some malware. How possibly could MS protect its customers?
Maybe by publishing list of checksums for all the patches published? How about MD5? The algorithm is free of royalties, and quick to compute.
Or, even better, could MS supplant each patch with a digital signature, to be verified during installation of the patch?
Is that a rocket-science to MS developers? Or did MS overlook it totally on some purpose...?