CNET asked Abu how dangerous the vulnerability is, and his response was in line with Microsoft's recommendation of updating to IE8. Abu also noted that the exploit is quite unstable, with about 60% to 70% success rate, and confirmed that it is critical to older builds of IE. Microsoft provided additional workarounds in its advisory for users who can't upgrade to the latest browser version.
Although information in McAfee's sped up the process, Abu said he would have found the vulnerability anyway. McAfee said the post in question did not contain enough information to directly lead anyone to the hole, but the firm's future blog posts will undergo "additional sanitization" to avoid giving exploit writers a starting point when hunting for exploit code.