I don't and I also disagree that it invalidates the argument. Advertising scripts are a blackbox for almost every site using them. There are open bidding systems and poor checks in place to validate ads that are submitted (Flash ads, for example, in the past).
In the example I cited, I didn't get a devastating virus from boxscore Javascript on NBA.com, or from some other local script, it was a driveby from a hosted ad. Just not worth the risk.
The large chunk of malware distributed via websites is through hacked sites which fire the malicious scipts only a in 2-3 visits out of 100. Ads are responsible for about 20-30% of the malware distribution.
In the example I cited, I didn't get a devastating virus from boxscore Javascript on NBA.com, or from some other local script, it was a driveby from a hosted ad. Just not worth the risk.