If you're messing around with computers since your childhood you should know that you cannot prove the absence of bugs(*), hacks, trojans or viruses..you can only test for the existance of some well defined ones.
So not updating a system which is connected to the internet is indeed foolish. Question is: What do you keep on the PC, can you lose it, can anybody reuse it, etc....if there is any sensible data on it (and if it's just your browser cache files with porn) you better update.
Not using antivirus programs is a differnt thing. Windows comes with its own built-in security programs which indeed makes the use of additional programs questionable (as long as you're behind a good router or something). And yes..I'm sure you don't click on any email link sent by your closest friend (hey..at least the email name matches).
(*) (don't start a discussion about how to show correctness of program code now... I'm aware of this 1st year computer science stuff ;-))