I tested the other day and they were still vulnerable but this kind of vulnerability is useless in Qubes. Actually, qubes assumes these vulnerabilities will exist. For example in app qubes you can just become superuser just with sudo -i and no password at all. This is basically what that exploit achieves… nothing.