Microsoft has released a security advisory detailing three ways to respond to the SQL injection attacks. This advisory doesn't covery a patch, just three tools:

1. HP Scrawlr is a light weight version of HP's WebInspect that will look for SQL injection flaws. I love that they used the Bobby Tables XKCD comic.
2. A new version of UrlScan (3.0 beta) the IIS version of mod_security.
3. A source code analyser which will identify SQL injection vulns, although it currently only works for ASP and not ASP.NET.