Perhaps there is a reason for announcing it before the patch is released: so that admins could be aware and put in some type of security protection (extra eyes on the RPC) until the patch is released because the exploit is so dangerous?

It's sorta like notifying people of SARS and the dangerous of it before a cure or even figuring out what it was! Sometimes it can be preventative to just let the community know what the dangers are.

And personally, I believe in full disclosure.