Bad publicity = good
Of course MS say the researchers should have gone to them first - it keeps the lid on yet another idiot blunder on Microsofts part. Sure it would have come out eventually, but it wont be as big a news story if they already sorted it - the worse the press MS get on all their poor software engineering, the better.
Fact is the web exploits instructing people to press F1 are already in place, they were zero-day at the time, and the issue isn't likely to be made much worse by its going public, because now at least some people know not to hit F1. Generally, in the past, public knowledge of a vulnerability has NOT resulted in more websites attempting the same exploit (that is unless Microsoft or whoever fail to update their software promptly) because there are a hell of a lot more zero-day vulns available in the hacker community to work with.
@Bruno Girin & The Original Steve - Yes people should upgrade, but there are still vulnerabilities discovered in Vista and 7 all the time, what about that ridiculous 17 year old VDM bug that was still present in all 32bit Windows OSes?
This one, to my knowledge is one of a minority of bugs which only affect OSes prior to Vista.