Well, considering the format of this attack, the type of "common sense" to protect against this type of attack is not so common. Most people have never seen the Task Manager, let alone know how to use it. This type of attack uses banner ads placed on LEGITIMATE web sites by marketing agencies who sell ad space. You could pick this up by viewing ANY of the web sites you view every day. This is why the problem is so wide spread. It then runs a flash script that exploits a well-know, but as of yet unfixed, vulnerability in Internet Explorer. I guarantee you that the Firefox developers have already released some type of patch for Firefox and Netscape to prevent similar attacks.
Internet Explorer is a poor choice for a browser because of Microsoft's poor attention to security vulnerability, combined with its extremely high profile, making it an easy target for crackers.
The article posted above shows that even Mac users were minimally affected, but were protected out of simply not being in the target of the attack.
The trouble with the "common sense" security is that it is more akin to living in blissful denial. ALL computers connected to the internet are potential targets for hackers, and any one of them at any time could be infected. The majority of computers I see in use by individuals have been infected by more than one virus and spyware program before they even take notice. Case in point: I reformatted my hard-drive a year ago. Reinstalled Windows, and the first and only thing I did with it was go to AVG's secure website to download a new copy of the antivirus. I did nothing else while the program downloaded. In 3 minutes, the file had downloaded, but I was unable to install it as my machine was already infected with a virus. 3 Minutes is all it took for a fresh machine to be infected, and I had done NOTHING online.
Norton, while bloated and busy, is better than nothing at all. I prefer AVG, it works well enough and is free. You sill need anti-spyware and a firewall too. You just can't go without these things these days. Even these things, though, will not fully protect your computer like avoiding being a part of the target audience, being the 85% of computer users who use Internet Explorer exclusively.