Update 1: ASP.NET Zero Day Vulnerability - Padding Oracle Exploit
ScottGu has posted some additional FAQs on http://weblogs.asp.net/scottgu/archive/2010/09/20/frequently-asked-questions-about-the-asp-net-security-vulnerability.aspx
The Microsoft advisory has been revised with some additional content in the FAQs. http://www.microsoft.com/technet/security/advisory/2416728.mspx
The SRD blog has also been revised with some additional content. http://blogs.technet.com/b/srd/archive/2010/09/20/additional-information-about-the-asp-net-vulnerability.aspx
The Sharepoint team has a blog on some additional workarounds that you can employ for Sharepoint 2010. http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx