The irony
"The vulnerability is located in the Trusted Platform Module (TPM) configuration"
Oh, you couldn't get more ironic if you wrote this into a spy novel :p
It looks like Lenovo isn't issuing updates for all Kaby Lake products; the chart shows only some devices are being supported with a Windows 10 update. Most devices seem to be Windows 11 and since Kaby Lake isn't "officially" supported they aren't bothering.