How do you protect against this vulnerability?
The link I shared from esmi explains how to disable xlmrpc, which is complete protection against the kinds of probes being descrived.
What ticks me is that this is all being presented as a "new" threat. The DoS attack was completely viable against any site allowing pingbacks before 3.5. So was trackback spam. XML-RPC also always supported user credentials -- that's how remote blogging tools like LiveWriter and ScribeFire work -- they use XML-RPC to authenticate you into the site.
The only one I'm not sure about is the internal network mapping.
What's really new is just the fact that it is turned on by default now and you have to take an extra manual step to disable it.
But as someone who watches security threads and has vulnerability alert notices coming from many sources, I get a little angry that some "security" sites take any opportunity to trump up something into a "threat" when it really is at most an annoyance.
I'm convinced that there are many self-proclaimed security experts out there who are more interested in "scaring" up traffic to their sites or selling their services than they are in monitoring, reporting and defending against actual threats.