I'd love to know how many people are verifying checksums, and sourcing the checksums themselves from reputable sources. An event like this seems like a prime opportunity for someone to insert something extra into one of the components needed and a proportion of users will pick it up, whether the security cure is worse than the disease of an unsupported OS.
Just as an example of this everyone points out Massgrave for activation on a version of windows I doubt many are properly licensed for, and one of the methods used relies on periodically talking to KMS servers they provide including some on a Chinese TLD [0]. Personally I'd be charitable and say it's probably well intentioned using the cheap resources they can get (there's no mention of donations on the site), but I wonder how many are aware of what is involved and this is just something they rush through to get rid of the big scary warning that windows puts up and tech news hysteria.
