Don't run any JIT you don't know
If interpreters (like JS's) did not generate JIT code to make the exploit possible, one would need untrusted assembly language code to exploit; and that is not floating around that often anymore.
Shouldn't things like JS, Python, C# etc. (plus real compilers) always have an option *not* to wring the last iota of performance from the code they submit to the processors? Much of that optimization, I guess, is processor-dependent anyway. And that should be the default, throw that switch at your own risk.
Which betrays that:
(a) This flaw is not my field of expertise
(b) Neither is the kind of alchemy JIT uses that makes it exploitable by JS.
(c) I am enough of a lunatic to believe thatsanity can trump short-term thinking, ever.
Biting the hand that feeds IT
