Upgrade has already being considered but our policy is very conservative in this respect. If the problem does not go away with other fixes, the upgrade will become more possible.
Your policy should be to be at latest CU plus security updates since there are active exploits in the wild that can easily compromise your server. :)
This is a serious vulnerability and should be addressed. Your servers should be updated immediately.