Once again the headlines scream of danger: "Another extremely critical Apple security flaw". This one is "particularly worrying" according to one article.
Oh, my, what should we do?
Well, nothing. Actually, this particular flaw dates back to 2011. It definitely is something that should be fixed and it is rather stupid of Apple to let something like this linger for four years. But it is not "extremely critical". According to Ars Technica (see link below):
Mac users should remember that the technique works only when invoked by an application already installed on their systems. There is no evidence the technique can be carried out through drive-by exploits or attacks that don't require social engineering and end-user interaction.