...so ISP's should filter AS paths!
Filtering the path would not have prevented this from happening. However, filtering paths whos length was unrealistically long would have done a world of good.
I always thought they did.
Most already do. The problem was not the ASPATH itself, it was the length of it. The routers affected did not handle updates for a prefix which required more than one AS_SEQUENCE segments in order to obtain the full AS path. The existence of the additional AS_SEQUENCE segment is what triggered the bug, causing the receiving router to treat the update as invalid, and the BGP session is dropped.
If you have a procedure with 10 parameters, you probably missed some.