Do you allow the use of Ledger HW as one of the elements of a multisig, despite their shaky reputation (this topic is about ledger after all)? For example, HW #1 - Trezor, HW #2 - Trezor, and HW #3 - Ledger. Other similar variations, where HW #? can be any other manufacturer.
Ledger could be part of a multisig setup because one key (no matter which one) isn't going to be enough to make a transaction. So, even if the worst where to happen and Ledger or someone else gained access to your Ledger key, they wouldn't be able to steal your coins from a multisig wallet. It would reduce the overall security of your setup, though.
I am not as optimistic as you and I think that the only reason why they didn't update Nano S firmware is that they are afraid of another scandal online, they probably analyzed what happened when they announced Ledger Recover service, so, they probably decided it was better to sacrifice one line of production.
I don't think so, and here is why. Nano X was the first wallet that received the Ledger Recover vulnerability and corresponding code. At the same time, Ledger announced that the Nano S Plus would be next. There was a lot of backlash and attacks on Ledger after that. That didn't make them change their mind, and a few days ago they added the Ledger Recover code to the Nano S Plus as well. Had they taken into consideration the community feedback and opinions, they wouldn't have done that, right? It's obviously not important to them.