What you can do till MS releases a patch :
1. Turn on DEP in Internet Explorer. (on in IE8 by default). Microsoft fix-it tool : http://support.microsoft.com/kb/979352
2. Run IE in Protected Mode in Vista and 7. (Enable for every Zone in IE Options > Security)
3. Change Internet zone Security settings to High in IE.
4. Use Sandboxie to browse online. This way an attack cannot alter system files.
5. Try using an alternative browser.
UPDATE : Microsoft has released emergency patch on 21st January.
If you have auto-update enabled, it will be installed automatically. You can also manually download the patch from http://www.microsoft.com/technet/security/...n/ms10-002.mspx
(adding this updated information, in case people get confused about using Internet Explorer after reading this post)
Edited by Romeo29, 22 January 2010 - 08:24 PM.