Don't freak out! Before you listen to the hype, and there is a fair amount of it, you have to understand that the hack can only take place if the attacker has physical access to the machine. That narrows the scope of things considerably. However; I have read two blogs this morning by people who claim to have had their confidence shattered by the presence of this.
Apple will fix it. Probably very quickly, too. In the mean time, make sure your kids don't execute this and you're on easy street. I don't know what to tell those running Apple's XServe on servers, but that's a whole nother class of problem and those admins probably don't need my input.