These days corporate security treats these workstations like a dummy terminal. No secrets live on the workstation. You have to re-auth with sso constantly with biometrics and are basically editing data that is in a cloud. So the risk to a corp is minimal where even in the worst case they are insured.
Zero days like this are being disclosed regularly so the idea of securing a windows workstation is tantalizing but you'll never feel satiated trying to drink that water so don't even try.
So yea there's plenty of windows users but we're certainly not hosting anything important on those boxes and would frankly be aghast at the suggestion.
> These days corporate security treats these workstations like a dummy terminal
Correct, "zero trust" is the buzzword but this is how Microsoft even recommends you set up your endpoint infra. Assume breach, treat every endpoint as if it is currently compromised or could be at any time. Laptops are basically ephemeral, when set up right, and can be wiped and re-imaged within an hour or less.
That's not unique to Windows either, that's how all employee/user endpoints should be managed.
Is this just your way of saying that only tiny, weird, companies are "good"?