Don't forget to protect yourself
As my colleague Graham states on his blog (linked from the main article), although the technical process of screening the ads should be done by the advertising network, "it is the responsibility of the webmasters at the media organisations not to do business with ad suppliers who can't manage this problem properly."
This is not the first time a major site has been bitten by its advertising providers, nor will it be the last. We must urge sites using third party advertisers to add security clauses to their contracts along with their other terms.
In the meantime we can all protect ourselves by using one of the browser plugins or security settings that disable scripting in our browsers.