If you are talking about-
-you might want to poke around a little-
To add my $.02 to scotty_ncc1701's great advice, "IMHO, updates should only be downloaded directly from the author's site. I use Filehippo, but if I see a program that I think I want, I go directly to the author's site to download it.", I like using a few tools with some overlapping functionality for software updates (a decent enterprise tool in an enterprise environment, good old Microsoft Update, and right now I'm pretty fond of Qualys BrowserCheck, and Secunia PSI). However, outside of an enterprise tool in a corporate environment, I prefer using these as informational tools, rather than for any inherent update functionality. I like to make my own decisions on what should be updated, and how, and from where. Even the best of 3rd party update tools can be kinda wonky sometimes, and I prefer the granularity of doing individual updates manually directly from the author's (or, if necessary other trusted site) if it becomes troubleshooting time.
Also, I think you are more likely to catch sneaky, hitchhiking, not-quite-malware doing updates as one offs. If you do this as a regular process, like backing up, it doesn't take too much time.
An exception to general software updating is device drivers and such. If you have, for example, a Dell desktop, you can go to Dell's site, punch in your system info, and get Dell tested drivers for your system. If you go to the device manufacturer's site, you may get the latest and greatest driver, but it also may not be compatible with your system. So, caveat ummm... downloader.
Also, really, if you are not having any problems, how often do you need to update driver software? I wouldn't neglect it, but if I haven't checked for device drivers on a machine in a week, or even a month, I don't loose too much sleep over it. If I haven't checked for a new version of Java first thing every morning, that makes me a wee bit uncomfortable. YMMV. Some things have faster update cycles than others, and some things are more commonly used as attack vectors than others. If you don't have a comfort level with discerning and assessing those kinds of risks, I would err on the side of caution, and check more often.
Finally, RE: "All of this started because my computer wants me to update Java and I was not sure I could trust it??? So now I am sitting here confused"
1) Rule of thumb: Never follow any pop-up kinda thing that tells you to download or update anything, ever. Independently find and go to the purported software author's site and go through the process there (basically do an out-of-band verification first, and then update from the official site, if necessary). For Java, that is Java.com. That is the official Java site. As far as not being sure you can trust it, and sitting there confused, join the rest of us We're pretty sure we can't trust it, even from the official site, because Java has been, and presumably will remain, heavily issue-laden. We sit here confused too, uninstall it when we can get away with it, and deal with the uncertainty of when the next bad news about Java will be released, and hoping that we won't get hit by whatever the bad guys throw at us if we have to run it.
I hope some of this helps.