That is actually not a dumb question at all, and I’m glad that you asked it. You are correct in that you will need to handle all updates. Basically we gave you a furnished apartment, changed the locks, and handed you the only key. The good news is that it isn’t terribly difficult to manage this, so I’ll tell you what it involves.
First, use our backups or make snapshots that you can revert to. OS updates are coming from someone who has no knowledge of what your specific server does, and while the chances of that creating a problem are very slim, they will always exist.
Second, log in via SSH or our web console (SSH preferred, best experience) and run this one liner to update the OS:
apt-get update && apt-get upgrade -y
That runs and finishes, and your OS is successfully updated. A reboot doesn’t hurt, some things won’t actually update until you reboot. A kernel upgrade, for example.
Third, keep Wordpress, it’s plugins, and it’s theme up to date. Objectively, this is more important than OS updates. One exploitable plugin and the next thing you know your system is compromised and being used to send out a DOS attack against someone else. Update these like your life depends on it, it will save you time in the long run.
Hope that helps!