I've got some info...

The "NTP bug" silent security update referred to in Apple pushes its first ever silent, automatic security update to Mac OS X... is listed in Apple security updates (2014), while the similar "Gatekeeper" update referred to in Apple pushes silent security update is not specifically listed in Apple security updates, nor is it obviously included in About the security content of macOS Sierra 10.12.4, Security Update 2017-001..., which was released 4 days after the update referred to in the article.

The first linked article includes

Originally Posted By: ExtremeTech
In any case, Apple thought this was a good opportunity to try out OS X’s automatic silent-patching mechanism. The feature has been present in OS X for at least a couple of years, but Apple says this is the first time it has ever been used.

and

According to Apple PR, the security update (which is rolling out right now), “is seamless. It doesn’t even require a restart.” Apparently, when it’s your turn to receive the update, it will download and install automatically — the first you’ll know about it is a confirmation box after the patch installs, telling you it was a success.

That very strongly suggests to me that the updates in question cannot be "turned off"...that they're considered so necessary that Apple has built a backdoor into OS X/macOS to ensure that they can't be ignored.

Any additional info and/or insights will be appreciated.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire