Windows NT services are assigned a SID based on an SHA-1 hash, but what about the risk of collision?

Windows NT services are assigned an identity (SID) based on an SHA-1 hash. We also know that SHA-1 is deprecated due to research showing that it is vulnerable to collision attacks from well-funded opponents. What does this mean for Windows NT services? Some Raymond Chen to kick off the week.