Just a note: I don't have a problem with Android Central's reporting. It is just curious that we seem to have a disconnect between sources about how worried we should be. Forbes seems to be reasonably good at avoiding breathless hyperbole, however Forbes is not primarily a computer journal.
To me, the potential vulnerability seems pretty serious. Any MMS text messaging facility (or other software) that allows video playback using the Stagefright frame work is at risk. For example, I believe the Firefox browser version for Android was vulnerable because it uses Stagefright, however Firefox has already been patched.
The text messaging facility is more problematic because of the way the system integration is handled. It sounds like a system update will be needed to fix the problem, and indeed Google had patches ready as far back as April 2015, however the distribution to wireless carriers and pushing out to customers could take months. Older phones that are off carriers' radar screens might not be patched in a timely fashion, if carriers take any action at all.
In the mean time, it seems like the best action to take is to disable Google Hangouts because Hangouts apparently can not be stopped from processing MMS video through the Stagefright framework before the user is even aware there is an incoming message. The older Messenger application is also risky because a user can still be tricked to opening an enticing infected MMS, but at least it is possible to set Messenger not to allow Auto-retrieve.