Don't blink - you might miss it.
In any case, this little bug takes care of the first half of breaking your system - surreptitiously running my code on your box. From there, I can try to social-engineer my way into rooting everything, or I can try to exploit other holes into rooting everything. Or I can not bother and just wipe out everything in your home directory, which, as someone else pointed out above, is where you keep everything valuable to you anyway. The guy who gets his dissertation erased the week before he was set to hand it in is likely not going to be comforted by the fact that his box wasn't rooted. :^)
It's definitely serious, but it does require a bit more work to get on your system than someone reading an email or visiting a web site, or just being on the net period.
I wonder if this is going to be handled by Apple as a virus issue ("update your antivirus") or if they'll fix the bit that allows the program to appear as an innocent file. I don't always trust Apple to do the right thing.