
Harry Waldron - IT Security

Security Developments, Software Updates and Best Practices

Unpatched IE based DirectShow exploit circulating in thousands of websites

Please be careful when visiting websites, as this new exploit has been injected into numerous sites.  Many of the affected sites appear to be located in China (CN domain suffix); however, this actively working exploit could circulate even more extensively.  AV vendors are establishing protection, and a manual workaround (setting the kill bit on the vulnerable ActiveX control so Internet Explorer will not load it) is noted below:

Lightning 0-day in Microsoft DirectShow (msvidctl.dll) used in drive-by attacks
http://isc.sans.org/diary.html?storyid=6733
http://www.avertlabs.com/research/blog/index.php/2009/07/06/new-attacks-against-internet-explorer/
http://www.f-secure.com/weblog/archives/00001716.html
http://sunbeltblog.blogspot.com/2009/07/microsoft-directshow-zero-day.html


QUOTE: A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.

WORKAROUNDS FROM SITE LINKS ABOVE

1. Please keep a watchful eye on your AV and IDS/IPS vendors' updates to ensure coverage as early as possible on this exploit, as it is likely to be widely deployed with the code being available.

2. A valid workaround for the attack vector is available which sets the kill bit on the vulnerable control:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}]
"Compatibility Flags"=dword:00000400

3. Use another browser besides Internet Explorer until this vulnerability is patched.
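The same kill bit applied and then verified from an elevated PowerShell prompt, as an added example that is not part of the original post or the linked advisories. It uses the CLSID from the .reg file above, ORs 0x400 into any flags already present rather than overwriting them, and also writes the Wow6432Node path when that key exists, since that is where 32-bit Internet Explorer on 64-bit Windows reads ActiveX compatibility flags (an assumption about your build; on 32-bit Windows the second path is simply skipped).

```powershell
# Added example (not from the original post): set and verify the IE kill bit
# for the MSVidCtl ActiveX control. Run from an elevated PowerShell prompt.
$clsid = '{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}'
$killBit = 0x400

# Native path plus the WOW64 path used by 32-bit IE on 64-bit Windows (assumption:
# the Wow6432Node key only exists on 64-bit installs, so it is skipped otherwise).
$paths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid")
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
}

foreach ($p in $paths) {
    if (-not (Test-Path $p)) { New-Item -Path $p -Force | Out-Null }

    # Preserve any flags already set for this CLSID and OR in the kill bit.
    $existing = 0
    $item = Get-ItemProperty -Path $p -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($item) { $existing = [int]$item.'Compatibility Flags' }
    $newFlags = $existing -bor $killBit

    New-ItemProperty -Path $p -Name 'Compatibility Flags' -PropertyType DWord `
        -Value $newFlags -Force | Out-Null
}

# Verification: bit 0x400 must be set under every path written above.
foreach ($p in $paths) {
    $flags = (Get-ItemProperty -Path $p -Name 'Compatibility Flags').'Compatibility Flags'
    $set = (($flags -band $killBit) -ne 0)
    '{0}: Compatibility Flags = 0x{1:X}, kill bit set = {2}' -f $p, $flags, $set
}
```

Open Internet Explorer afresh after running this; the flag is read when the control is instantiated, so an already-running browser session is not protected. Remove or clear the kill bit only after the vendor patch for this control is installed.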

Comments

Max said:

"Use another browser besides Internet Explorer"

Best advice you could give anyone.

# July 6, 2009 12:39 PM