I don't think "we" would have been impacted since this specifically targets the updates, but recently Microsoft pulled Notepad++ from the list of apps we can use on our production management laptops. Some people were annoyed and whining about this. That predated this announcement by a few weeks. Probably the right move by the security folks.

it was pulled because the binaries were self-signed for a short period, not because they knew something

who signed the binaries was irrelevant for this attack, because the issue was not checking any signature