Internet Explorer VML Vulnerability

Posted 2006-09-21 11:39 by Christopher

If you haven't been following the news, there is yet another unpatched 0-day vulnerability in Internet Explorer. It differs from previous vulnerabilities in a few ways:

  • You can get this just by viewing an HTML email
  • It is already widely exploited, as it is included in WebAttacker, a "commercial" multi-exploit kit

Here's what we know you can do to protect yourself:

  • Do not visit untrusted web sites.
  • Do not follow untrusted links in Microsoft Outlook email messages.
  • Disable default HTML rendering in Outlook (Tools > Options > Preferences > E-mail Options > Read all standard mail in plain text)
  • Unregister or set permissions on vgx.dll
  • Upgrade to Internet Explorer 7 RC1
  • Use a different web browser
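
The "unregister or set permissions on vgx.dll" step as a reversible script. This is an added example, not part of the original post; the `-Mode` values are its own names, and it assumes vgx.dll lives somewhere under the Common Files directories (it searches rather than hard-coding a path) and that it is run from an elevated PowerShell prompt.

```powershell
# Added example: apply or undo the vgx.dll workaround. Run elevated.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Mode names are this example's own (hypothetical), not Microsoft's.
    [ValidateSet('Unregister', 'DenyAcl', 'Restore')]
    [string]$Mode = 'Unregister'
)

# Assumption: vgx.dll sits somewhere under the Common Files directories.
$roots = @($env:CommonProgramFiles, ${env:CommonProgramFiles(x86)}) |
    Where-Object { $_ -and (Test-Path $_) } | Select-Object -Unique
$dlls = @(Get-ChildItem -Path $roots -Filter 'vgx.dll' -Recurse -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer })
if ($dlls.Count -eq 0) { Write-Warning 'vgx.dll not found'; return }

# Run regsvr32 silently and surface a non-zero exit code.
function Invoke-Regsvr32([string[]]$Arguments) {
    $p = Start-Process regsvr32.exe -ArgumentList $Arguments -Wait -PassThru
    if ($p.ExitCode -ne 0) { Write-Warning "regsvr32 $Arguments exited with $($p.ExitCode)" }
}

foreach ($dll in $dlls) {
    $path = $dll.FullName
    $quoted = '"{0}"' -f $path          # the path contains spaces
    if (-not $PSCmdlet.ShouldProcess($path, $Mode)) { continue }
    switch ($Mode) {
        'Unregister' { Invoke-Regsvr32 @('/u', '/s', $quoted) }
        'DenyAcl' {
            # Deny read/execute to Everyone (S-1-1-0); the SID avoids localized names.
            icacls $path /deny '*S-1-1-0:(RX)' | Out-Null
            if ($LASTEXITCODE -ne 0) { Write-Warning "icacls failed on $path" }
        }
        'Restore' {
            # Undo both workarounds: drop the deny entry, then re-register.
            icacls $path /remove:d '*S-1-1-0' | Out-Null
            if ($LASTEXITCODE -ne 0) { Write-Warning "icacls failed on $path" }
            Invoke-Regsvr32 @('/s', $quoted)
        }
    }
}
```

Run it with `-WhatIf` first to see which files it would touch. Either workaround stops Internet Explorer from rendering VML content until `-Mode Restore` is run.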