This entire thread was about a "potential vulnerability", not an exploit. As I've explained before, potential vulnerabilities are of no concern to end users and there is absolutely no reason to get worked up about them.
The thing is, new potential vulnerabilities are found in operating systems constantly. You can go to certain Web sites and see a list of them as they are found (for *any* operating system). Apple has internal Web pages with lists of them as they are found and they prioritize which ones need a more or less urgent time frame for dealing with it.
New potential vulnerabilities have ZERO relevance to end users. Why? Because until they are exploited (i.e. malware is written to take advantage of them), they present no problem to end users. And it is extremely likely that each and every potential vulnerability will NEVER be exploited.
Once a new potential vulnerability is found, a race is, figuratively speaking, on between the developer to patch it, and sociopaths who write malware to exploit the potential vulnerabilty. In this race, the developer has a huge advantage. First because it's usually way easier and faster, to patch an OS than it is to create a successful exploit. (Exploits tend to be fairly complex.) And second, an exploit doesn't just take a long time to create, it usually costs the bad guys a lot of money to create them. So, as you can guess, the bad guys are at quite a disadvantage at this. Especially since if they fail to create a viable exploit in time to take advantage of the potential vulnerability before it is patched, they may never realize any ill-gotten gains from their exploit and they may end up deeply in debt. (Most exploits these days are written to swindle money out of users.)
Add to this that the sociopaths who write exploits (malware) KNOW that Apple is very good about patching the Mac OS for security purposes when necessary. So they don't have a huge incentive to jump on any potential vulnerability unless they are the only ones that know about it (which means Apple doesn't know to patch it preemptively). This is rarely the case. There are "white-hat" hackers who look for potential vulnerabilities and report them to Apple for just this reason.
So...all of this is, at best, academic to end users. It will more than likely never effect them. It's nice fodder for anti-virus companies to use to try and scare you into purchasing anti-virus software that you don't need. But it isn't something that end users even have to think about.