Forum Discussion
Insecure WS-Trust for Windows 365 Cloud PC and 365 Boot in Federated environments
We use a 3rd party IdP that has Office federation configured. I had some struggles getting Windows 365 Boot authentication to work. This also affected joining a standalone PC to Entra ID. It just wouldn't authenticate. At the end of a long investigation it turned out that we had WS-Trust disabled. Then we enabled it and tried to IP restrict it, but then remote 365 Boot PCs wouldn't work. Now WS-Trust is fully opened. Not good. Not secure.
In this https://learn.microsoft.com/en-us/power-platform/important-changes-coming#deprecation-of-office365-authentication-type-and-organizationserviceproxy-class-for-connecting-to-common-data-service it states: "We're making this change to remove a security protocol (WS-Trust) that is inherently insecure by current encryption standards... WS-Trust protocol doesn't support modern forms of Multi-Factor Authentication and conditional access controls to customer data."
Also, this article on https://www.proofpoint.com/us/blog/cloud-security/technical-deep-dive-vulnerabilities-bypass-multi-factor-authentication-microsoft shows various examples of attack methods.
This is an emerging attack which we are getting targeted daily!
What are our options to not use WS-Trust for W365 and W365Boot?
Are non-federated environments affected by this?
What preventive measures can be taken?