Note the filename of the example exploit script.
Brian Krebs has a post on the exploit, along with a brief interview with the author, “H D Moore”:
Q: Do you have to using Kismet or the Airport utility to be
compromised by this?
HD: This particular exploit only seems to trigger when the card is
in active scanning mode. I was able to trigger a similar bug when
the card is in “idle” (non-associated) state, but I need more time
to investigate it before I can give you more information.
In other words, yes, the published exploit only works when the card is in active scanning mode, so even if you have a vulnerable machine, you’re probably not vulnerable in normal use.
★ Wednesday, 1 November 2006