Wait... the OP is kind enough to inform us of a possible exploit and you're nailing him for it???
I rather this type of information is made public than kept under wraps and have "hackers" exploit it.
My thoughts exactly, thank you OP for doing the honourable thing and giving users a chance to lock down their machines before someone less honest found it.