There are pros and cons to updating your kernel. On the pros side, updating your kernel may include security fixes, it may improve stability or speed as drivers for your hardware have improved, and it may include new features or bugfixes to existing features. On the cons side it may do the reverse of all that, so introduce new security issues, decrease stability and speed as drivers that were improved for some model actually perform worse on your model, and new features may introduce new problems. Even the bugfixes may introduce new problems. There may even be regressions, where problems fixed in your current kernel version return. As the updated kernel version has been less thoroughly and rigorously integration tested with your Linux Mint version than the initial kernel, updating kernel versions introduces a risk. While the chance of the risk occurring may be low, it would have high impact on average users. Measures can always be taken to push a kernel update if there is a security issues that is being exploited. Those are my personal views BTW, not Mint HQ certified
For users somewhat more comfortable with using Linux, those that know how to recover from a bad kernel update from GRUB, it is usually safe to enable kernel updates. I have level 4 and 5 only set to visible, not to automatic updating (as also the display drivers are at that level, and that is less easy to recover from). If there is a new kernel available, it makes sense to check if you need it or not. If it ain't broke, don't fix it. You could, for example, track Ubuntu's security notices, or search for security issues on the kernel: http://www.ubuntu.com/usn
For example, see this recent security notice on the kernel: http://www.ubuntu.com/usn/usn-1457-1/
. It describes five security issues, four of which are exploitable only by a local user. Meaning by you or a program you run, and then for two of those only if you are using KVM virtualization (which I guess you aren't using
). The one remote exploit reads:
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
So you would have to connect to a remote NFS server, and somebody would have had to deliberately include this exploit at the NFS server, and then it could perhaps crash your machine if you connect. Not good, but you are not at risk of your personal data being stolen.
So don't assume that just because there is a security issue in the kernel, it affects you
The kernel can do a whole lot of things, and you are but using a fraction of that on your computer
And even though there may be security issues on older kernel versions, those that may affect you, that doesn't immediately mean there is an exploit in the wild or that your machine is at risk of being hacked. Just as on Windows, being a responsible computer user goes a long way towards your security: install software only from trusted sources (i.e., don't randomly download programs or scripts for the Internet and run them), configure your firewall, and when browsing the Internet make yourself aware of what you can do to limit risks to your browser (which is more exposed than your kernel)--such as with add-ons like NoScript, HTTPS Everywhere and others.