I really dislike the idea of “needs ring 0 = nothingburger”.
There’s plenty if ways to gain ring 0 access like a user to approving a UAC prompt… Or for an attacker to utilize any number of existing ring 0 escalation vulnerabilities on an unpatched system, or for a UAC bypass to be utilized, or for the attacker to establish a RAT on the system using a tech support scam or similar.
Difficult? Yes!
Only viable via a supply chain attack as some like to suggest? Absolutely not.
People that complain about forced diversity are complaining about diversity. No one is forcing excessive diversity on you.