The problem here is the delay between it being actively exploited and KNOWING it's being actively exploited: potentially long enough to exploit it into something that can persist even AFTER the original bug gets fixed. Thus the paranoia. Besides, if an exploit is used, what's to say the users and/or their interfaces can be considered trustworthy anymore?