Serious question: can you upgrade the firmware without unlocking the device?
You have to enter your unlocking PIN the moment you connect your Ledger to your computer to get it to communicate with Ledger Live. I think the firmware gets updated through the Ledger Device Manager, so you have to open that app as well.
If you never connect Ledger to the Ledger Live program, it will not receive any updates, or it will not even be able to install wallets for other currencies.
I never used Ledger Live, only when it was initial setup for Bitcoin. Otherwise I only work with Electrum. That way, I don't even know if it has updates or not pending in the past. Knowing this, I'm not even going to open Ledger Live on my computer. Alias was even uninstalled.