I did not say they WOULD do anything I was pointing out they SHOULD do something. Will they? Can they? Probably not on both.
Whether or not they can is not something I can answer, but they have already said they are not going to bother to fix this vulnerability.
As these products are discontinued, and the attack scenario is outside of the security model of this feature, no fix will be provided.
https://donjon.ledger.com/lsb/017/ The moment these wallets were discontinued and their support ended, was the time people should have stopped using them. It's the same as with Windows XP that someone mentioned above. I know that
mocacinno has one Ledger HW.1. @mocacinno don't use it anymore.
Just like other hardware wallet vulnerabilities, this one also requires physical access to the device and knowing the PIN code or knowing how to bruteforce the PIN code.