When I get an email from my bank stating that I really need to re-enter my account number and password *now* -- here's the link, I ignore it. Now I have someone telling me that I really need to run this piece of code with full administrative privileges *now* -- and here's the link.
Sheesh! With "security experts" like these, and users willing to do whatever they are told, it's no wonder we have a malware problem.
Oh, and I dare say "these people" are terribly trustworthy, and that their code *does* plug the vulnerability they talk about. I wonder what it opens instead, intentionally or not? Do you think Adobe, who know the code better than most, might be holding back because oh-I-don't-know they want to be sure that a hurried fix doesn't make matters worse? In the meantime, if you want to be genuinely helpful to end-users and not encourage reckless behaviour, wouldn't it be better to point them in the direction of a *tested* workaround, like an alternative PDF reader?