Oh is it?
The exploit for upstream Firefox on Windows is now completely public, free of charge. How is that worse on Tor, where most people using it have idea that JS and 3rd party connections should be blocked?
You still need to intercept a users' connection and redirect them to malicious JS with a regular Firefox. For the attack to work on a large scale you'd typically you do this by compromising an ad network and hoping you get enough users before SafeBrowsing blacklists you.
With Tor on the other hand you can just run an exit node and infect the user even if (s)he's visiting a regular site.
Oh is it? The exploit for upstream Firefox on Windows is now completely public, free of charge. How is that worse on Tor, where most people using it have idea that JS and 3rd party connections should be blocked?