No I wasn't aware of the article
It is interesting but the article says they use error details returned on the failed requests after modifying the cookie to decipher the machine key.
I think the problem is mitigated by the fact that by default no error message is returned from the server because we have
<customErrors mode="RemoteOnly" which means that error details are not returned unless the request is using localhost.
So, the only people who are vulnerable are those who have turned off the friendly error page and left the error details enabled with this setting:
with the correct settings they cannot get any error details from the server, so I'm not overly alarmed but I would urge people to check the <customError configuration in Web.config and make sure it is set to RemoteOnly or On.