I have to admit that I'm not expert enough to know that, but I know that if the kinds of attacks and the kinds of problems that can occur were predictable, then obviously all the software would do it. You might want to be doing something to the program other than to say broadly up front that we can put in any updates that help better protect your computer.
Is that going to fit the definition of what we have here in terms of what the consent complies with? Are there other cases where you're downloading things that wouldn't necessarily be seen as a particular program or wouldn't necessarily be seen as being the kind of thing you bought in the first place? They might be additions to how it works technically as opposed to simply having a new functionality or something like that.