Having to input a GRUB password was considered a way around the "physical access means single user mode" exploit. This vulnerability puts the lie to that concept.
However, there is already a fix for this. We don't have to wait forever, or the next service pack, for a fix to be available.