They're literally saying the risk is users can decide to download a file from somewhere. Maybe I can report a vulnerability that phones can receive calls.

The associated MITM risks are ok, but please. This is why security people aren't taken seriously.
https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-insecure-guest-auth-now-off-by-default-in-windows-insider/ba-p/3715014