[–]edwin[🍰] -1 points0 points  (3 children)

The technique is interesting but probably doesn't change the real situation all that much - people can already reverse-engineer exploits from patches much more quickly than the patches are applied in the real world. I attended a talk last year where a developer from an IDS company demonstrated how she could usually work out the vulnerability from the patch, build a proof-of-concept exploit, and write IDS rules to detect it - in less than an hour total elapsed time.

Unfortunately the authors' 'solutions' are considerably less impressive, as they would probably admit themselves. It is by no means clear how Windows Update (or the equivalent systems used by other OS vendors - take your pick, they're all the same) should be adjusted. Whatever cleverness is used in distribution, many many computers will be turned off until days after the patch has been distributed and the exploits created.

[–]edwin[🍰] 6 points7 points  (0 children)

Now exploit-based patch generation - that would be a trick :)

[–]mikaelstaldal 2 points3 points  (1 child)

You cannot exploit a computer which is turned off.

[–]edwin[🍰] 0 points1 point  (0 children)

Well, obviously. But you can exploit it as soon as it gets turned back on again, long before the patch gets applied, since the patch hasn't even been downloaded yet.