Disabling the service is a way to protect you from the vulnerability, but it is not a fix for the vulnerability. A fix for the vulnerability would allow you to continue using the service.
The article kind of makes it sound like telnet is somehow necessary and that disabling it hasn't been a best practice for years.
Maybe there are still old devices that don't support SSH and you literally have no option, but really, what other reason is there to have telnet enabled?
That's what I was thinking about. On the Cisco support site Telnet gets barely a mention. It is apparently not the flagship feature of these switches and whatnot. Okay maybe it's customary to leave it open but there's a lot of lazy practices that result in bad security, not just headline "vulnerabilities" that affect - gasp - 300+ models!
So, basically I think Ars Technica's sub-par quality strikes again, in that a tech site gets a fundamental understanding of technology wrong. If something isn't mission critical, can be turned off, and alleviates a vulnerability, then that's a way to fix it. Plain fucking English.
Maybe there are still old devices that don't support SSH and you literally have no option, but really, what other reason is there to have telnet enabled?