It seems I was wrong to blame Secunia for stating that they had verified or confirmed the dmg problem. So, my apologies to Secunia for that.
In my defence, the articles on which I based that remark (particularly the neowin.net post) look like and read like press releases, and until I pointed it out to them, I didn’t see any denial of the “validation” from Secunia, which is a shame.
Anyway, they have now denied having validated or confirmed the exploit and would like to point out that they did not, in fact, issue a press release about the issue.