
why minus votes?



Because you've misunderstood the situation.

There's no doubt that this key can be used to man in the middle user connections, that's what the software it was extracted from is using it for.


Thank you for the comment.

I think you did not understand my comment.

It is true that the software is used for MITM. It is true that _Superfish_ is in the middle, decrypting the communication.

OTOH the author claimed that it might be likely for _others_ as well to possibly MITM the communication, by using the recovered key. My comment is that such a situation is unlikely under the premise that the public-key encryption technology was used correctly (from a technical standpoint, not ethical).

EDIT: Even if it was the case that the recovered private key was used by the MITM server running locally for communicating with the web browsers, it wouldn't mean that others could use the key to decrypt data transmitted over the wire by using the key, since all the communication encrypted by the key would terminate within the local machine.

EDIT2: Ah sorry, now I understand. The root certificate installed by the adware was using the recovered private key. That would mean that others can MITM the communication by DNS spoofing, etc. together with a server certificate signed with the recovered key.



