I think the notion in the article that it's the same or even worse this time because the exploit already is found to be exploited in the wild kind of strange. Isn't it far worse to disclose an unknown 0-day publicly then disclosing something that gets exploited already anyway?
That depends. Some vulnerabilities aren't easy or worth the hassle to exploit. If this one is being exploited by someone already, you're letting attackers know that it's worth the effort, and handing them the manual as well.
If someone is exploiting it then you _know_ the manual is already out there. How far it has been disseminated is unknown, but arguably it's better to assume it's being disseminated. Otherwise anybody could argue that "not enough" attackers know about an exploit as justification for criticizing disclosure.
