Released: August 2022 Exchange Server Security Updates

I have an Exchange 2013 only environment and had three questions regarding enabling Extended Protection.  

1.  We are using a single public folder to share contacts.  At the bottom of the github documentation it says "If you have an environment containing only Exchange 2013 servers with Public Folders, you can manually remove the SSL flag from the Backend RPC virtual directory to make Public Folders accessible."  Does this mean that I can leave that Public Folder in place and run the script to enable Extended Protection without it failing?  And then I can just go into IIS and uncheck require SSL for the backend rpc virtual directory?  Or, should I expect that the script will fail the prerequisites and not run because of the Public Folder?

2. Also about the Public Folder.  If need be, we can remove it.  But, I have Outlook clients where it's been added to Favorites.  If I simply delete the Public Folder from the Exchange Server will the Outlook clients throw any errors if I don't manually remove it from people's favorites first?

3. This question is about SSL Offloading.  I checked all my virtual directories on the default website in IIS and I believe it's turned off.  Require SSL is checked on most of them, that means SSL Offloading is off correct?  Except, on the Outlook Anywhere settings in ECP "Allow SSL Offloading" is checked.  I read that this is by default.  Do I need to go in and uncheck that before running the script to enable Extended Protection?  And if I do uncheck that, should I expect any client errors?  I looked at my Outlook clients and all of them have "Connect using SSL only" checked in the "Exchange Proxy Settings" so I'm guessing they are already using SSL anyway so it shouldn't cause them any problems if the Exchange Server suddenly requires it.  Am I right?