Has there been a recent change to how Software Updates are considered for the 'Overall protection' of a client?
It used to be that if there was a critical security update missing, the client's overall protection would be 'Ciritical'. This appears to have changed, and I can now see lots of machines that have critical software updates missing that have the Overall protection status of 'Protected'
Does this mean that the Software Updates staus is now ignored by the 'Overall protection' status?
yes, it was changed like that when we introduced the separate pie for the new portal in this release 201604040305-7398791:
Separate Software Updates pie on home page. Protection status pie does not anymore count missing software updates as red and yellow warning. This protection status pie change is also done for old portal, but we won't add there the own Software Updates -pie.
Sorry if the communication was unclear in the change log post.