While the built in tools are made to help you get notifications of new security updates, you might not notice them in a timely manner due to various factors. One way to stay up to date on when security patches are released is to subscribe to security notifications from the vendors or utilize a service that aggregates all the security information.
This is not a complete list, but a simply a list of the top vendors you should be aware about as the attack surface with those products are incredibly high.
Email or RSS based security notifications:
- Microsoft – Microsoft Technical Security Notifications
- Adobe – Security Bulletins and Advisories
- Oracle – Critical Patch Update Alert E-mails