There's no real cure for this kind of attack unless you avoid using popular browsers such as Internet Explorer entirely and opt for Firefox Flock, Seamonkey and others mozilla-based browsers extended with an add-on called NoScript, developed by Giorgio Maone.
NoScript's Anti-XSS filters have been deeply tested and proved their ability to defeat every known reflective XSS technique, but their power is a double-edged sword: sometime they may detect a weird looking but legitimate request as a "potential XSS attempt". This should almost never be a show stopper, since the filter most of the time doesn't prevent you from navigating the filtered page, but the aforementioned Unsafe reload command and the XSS Advanced Options are have been made easily accessible so you can work-around if you hit a false positive with side effects.
While Cross-Site Scripting (XSS) vulnerabilities need to be fixed by the web developers, users can finally do something to protect themselves: NoScript is the only effective defense available to "web-consumers", waiting for "web-providers" to clean up their mess.
See also the NoScript XSS FAQ, or read the excellent Cross Site Scripting Attacks: Xss Exploits and Defense book.