Google told Engadget,"currently over 90% of Android devices have a technology called ASLR enabled, which protects users from this issue. We've already sent the fix to our partners to protect users, and Nexus 4/5/6/7/9/10 and Nexus Player will get the OTA update in the September monthly security update."
Of course, like with all things Android, outside of the Nexus line, it's a wait and see situation when it comes to updates from phone makers. Hopefully they'll be hitting phones and tablets in the near future. But with only six days notice, Exodus Intelligence didn't give Google or its partners much time to get the patch ready.
Traditionally, researchers give companies 30 days notice about a security issue. This gives both parties adequate time to work on a patch and share information. In the post about the patch issue, the researchers explained that it decided to forgo the usual 30 days because the original issue was reported over 120 days ago, Google was still issuing the faulty patch and the amount of attention the original vulnerability had attracted.
So keep on the lookout for this new patch to fix the old patch.