Is fixing of this issue requiring a full 'hard forking'
Fixing the broken sigOp counting method is indeed a hardfork. It can be fixed when (if?) there is a block-size hardfork, e.g.
this is one proposal.
This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was
merged into 0.12.0. Any miner that does not adopt this policy will still be vulnerable.