[gorbachev]

That answer will change very quickly, if someone marches to a Creative show room, sales event or CES and "patches" all of their devices.

[gaudystead]

That's assuming the attacker informs Creative of the attack. A malicious actor could go to the showroom, update the firmware on all devices, and simply let them continue on as normal, waiting for a future opportunity to strike.

Let's hope Creative patches things before something like this happens.