OK, I read all that almost two months ago. Even the latest version of RootPipeTester tells me that 10.10.3 is fixed.
I'm not totally certain that I trust RPTester--no idea what criteria it uses to make its determinations, and I don't know enough to read through the open source in order to determine if it's drawing the correct conclusions per OS. It tells me that my 10.8 isn't vulnerable, but what do I really know? (It seems that almost every week there's some new POC vulnerability found--it's all just too whack-a-mole). Since nothing new has been forthcoming since Kvarnhammer's latest on 5/28, I'm just about ready to throw my hands up and ignore the whole thing. Even if 10.10.3 has really been patched, I'm not ready to upgrade--my 10.8 is doing just fine, and from what I've seen and heard about 10.10, I'll avoid it until maybe 10.11 fixes most of what's wrong in it, the way 10.8 fixed 10.7. And if RPTester is correct, I'll be worse off with 10.9, for which I saved the installer.
Although I have a lot of respect for the blogger who posted that last article, we only have his word that it didn't work. He correctly didn't publish any details and nobody else seems to have come forward to verify his assertions, including Apple. If it was a "miserable failure" I certainly would have thought we'd see somebody else or an actual threat exist by now, so I think that may be overstated. There hasn't been an update to CVE-2015-1130 to indicate anything other than it's fixed in 10.10.3.
It took Apple from last November until April to roll out a "fix", so I'm not at all surprised that we haven't heard anything from Apple on this. Not only haven't we heard of anyone on 10.10.3 getting hit, AFAIK we haven't heard about anyone on any other OS getting hit. As for this non-fix-patch just being fiction, if you read through this, including the comments, there's some additional confirmation that Apple's patch was lame--not that I am able to understand any of the analysis of the Objective-C that is presented there. I have no idea if we will ever see this exploit actually executed in some major way in the wild. My guess is only in very narrowly targeted situations--it needs to be combined with a remote code execution exploit in order to work. I don't think that's so easy to pull off, except maybe by way of spear phishing or some malicious payload on some "free" download. So the usual caveat about what you download applies more than ever. If it ever does get into the wild in some form of mass distribution, I don't think it's going to hit anyone who is even slightly educated about security practices on the Internet.
(Actually, according to some, it's already been seen in the wild, but only in a very limited way: "There is malware from 2014 that was already exploiting this vulnerability. Found by noar, the following sample contains the exploit code for both Mavericks and older versions. It uses the exploit to activate the Accessibility API. See, we don't even need to wait for new malware, it was already being exploited in the wild. The malware sample is described by FireEye, but they totally miss the zero day there. They just lightly describe the result but not the technique.")
Don't get me wrong, if it's really still a vulnerability I also want it fixed and I don't think this is just FUD, but it could be. The blogger is employed in an IT security service, so he does have a monetary interest in this.
I don't think Wardle was spreading FUD. His background in security is really unimpeachable and I don't see any monetary interest in this for him, or anything to gain in spreading FUD, except maybe irreparable damage to his reputation, should it be proven to be FUD. Since you seem to think it's a possibility, other than his resume getting another credit, please describe how that would benefit him in a monetary way.
But this discussion is about non-Yosemite users which, from everything I know today, is a more serious issue. At least 40% of Mac users seem to be vulnerable to the flaw that was originally found.
Of course, with everything said, and whether or not this exploit ever sees some form of mass distribution, I would prefer that Apple patch older OSs. It's pure evil that they refuse.