Digitally signed software updates add a layer of security by ensuring that the code has not been altered or tampered with after it was signed. However, threat actors have been known to steal certificates or use other means to sign their malicious updates, making the digital signature no guarantee of the update's legitimacy. Therefore, while digital signatures are an important security measure, they are not foolproof, and updates need to be scrutinized beyond their signatures.