Windows 10 22H2 and Windows 11 22H2 are not affected so that is very good news with new secure boot DBX update to protected it from nasty BlackLotus malware.
It listed Windows 8.1, Windows 10 1507 to 21H2, Windows Server 2012 to 2022/21H2 and Windows 11 21H2.
It not good and actually very bad idea to run old Windows 7, 8, 8.1, 10, 11 and Server versions when hackers created malware and ransomware to targets people who refused to updated Windows or blocked Windows Update with third party software.
The way MS approaches security there is probably some uglies even in XXH2 being actively exploited. That said if on 10/11 you want to be on at least Jan's security patches as there are some nasties actively being exploited in versions of 10/11 before that including a remote code execution vulnerability. (EDIT: Already a bunch of privilege escalation vulnerabilities in 22H2 have come to light).
If MS did their job properly people wouldn't have to block updates, etc.
Last edited: