Should I worry about this UAC bypass exploit for Windows 7?

I will provide you the technical details of the exploit you are talking about and then let you decide yourself whether you should worry or not.

The bypassUAC exploit exploits a bug (or rather a feature) of Windows operating systems where processes signed by the Microsoft code signing certificate don't prompt the user when it escalates its privileges to SYSTEM. This is known is privilege elevation in the Microsoft text. The issue was first identified by Leo Davidson back in 2009. If you look at the targets of this exploit, you will find that Windows 7 is vulnerable even though Windows Vista which came before Windows 7 is not vulnerable. The reason for this is because Microsoft deliberately downplayed the security of Windows 7 in order to provider a better user experience. Any Vista user is going to tell you the unlimited number of UAC prompts every time they performed a task. To minimize those prompts, Microsoft decided that all those applications that Microsoft signs with its code signing certificate should be trusted for auto elevation of privileges and so this vulnerability was born.

The way this vulnerability is exploited is that there is an exe file in C:\Windows\System32\sysprep\ directory called sysprep.exe which loads a DLL file CRYPTOBASE.DLL. Since the sysprep.exe don't load this DLL using its full path, you can put a malicious DLL with the name CRYPTOBASE.DLL in C:\Windows\System32\sysprep directory and the sysprep.exe will load the malicious DLL file when executed. This technique is known as DLL hijacking. Suppose the malicious DLL starts notepad.exe which is signed by Microsoft code signing certificate, inject another DLL in it such as metsrv.dll which is the Meterpreter dll file and then request for privilege elevation, the process will silently gets SYSTEM privileges without any UAC prompt because that is how it is designed in the default state on Windows 7. This vulnerability also exist in Windows 8 (although not with the sysprep.exe executable).

Now if you are concerned about this attack vector there are a few steps you can take to make sure bypass UAC don't work. The first thing you can do is not to use Administrator user. This will protect you because injecting a malicious DLL (or any other code) in another process require to have debug privilege on that process. Administrators can have debug privilege to any process that is why bypass UAC require Administrator privileges. Also, there are four UAC protection levels in the graphical console of the UAC in control panel. If you set the protection to Always Notify, no process can silently elevate its privileges. You will always get a UAC prompt just like in Vista and bypass UAC exploit will fail (unless you click Allow).

Now you decide whether you should worry about this vulnerability or not. In most of the cases, if the malicious user has gained code execution with Administrator privileges, its already game over for you. Elevating it so SYSTEM is just a symbolic game nowadays.