Yes... delete the old CKeditor folder immediately and the security hole will be closed.
Then you will go to the contents_update.php page to add the newer CKeditor and you should be good to go.
Another option if you have Design Extender is to (save a backup first) delete the entire admin for the cms and the connection for it and then have Design Extender upgrade the entire back end to the newest version.