> we are talking about known vulnerabilities.

In a context which does not involve them. I simply ignored the subtle goalpost shift and addressed the core issue of the article.

> And should probably take action even if you aren't.

Where they action could include "disabling as a default option." Yes?