The security flaw (privilege escalation through use of the GM_* functions, leading to read-access to local files available to the logged-in user) does exist in the XPI as it was two days ago. Aaron Boodman has released a “neutered” XPI that removes most of the GM_* functions; it obviously won’t work with scripts that used the functions, but plainer scripts should work fine.
There has been other work going on recently with making Firefox extensions more secure, by more strictly enforcing chrome-content barriers, through the xpcnativewrappers=yes option, and (with the 1.1+ evalInSandbox function) control over the context in which their code can run, and thus the security privileges it has.
Unfortunately, GM_xmlhttpRequest in particular was just a security hole waiting to happen. Think about it: it’s raison d’etre is to enable cross-site scripting for user scripts — it’s there to give content-level code the ability to make HTTP requests for random web pages, and, because of the way privileges are currently a sort of all-or-nothing deal, “random webpages” includes “the files on your computer”.
All said, ’twill be interesting to see how this plays out.
I do wonder, though: Just how much time is Mark Pilgrim spending on Greasemonkey?