As sometimes goes in this business, misinformation slips through the cracks.
In my post earlier today, I had said that code had been published on this exploit, which makes it very serious.
However, it turns out that this is likely not the case. I was misinformed.
No source code published means a greatly reduced threat level.
I’ve updated my original blog post as well.
Alex Eckelberry