…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
The patch is for Windows 10, Windows 11, and Server 2008 up to Server 2025.
Further, there’s companies that make custom-built modern machines that support classic PCI and modern operating systems and classic operating systems.
It’s conceivable that legacy systems are using modern OSes with virtualization running a legacy OS and legacy PCI cards, for example. It’s not beyond the realm of possibility.
https://nixsys.com/legacy-computers/pci-slot-computers