According to Scott Guthrie's blog post this is required as part of the workaround for the ASP.NET vulnerability.
So I commented out the <PageNotFoundHander module in Web.config for version 22.214.171.124, this is the module that would provide the friendly 404 page.
On this site, I have not commented it out but I monitor this server closely and also I "think" that the mitigation I did to return a 404 instead of a 500 response code for CryptographyExceptions is also effective defense. Now I am also looking into the Dynamic IP Restrictions module that Scott also mentioned in his post as a way to block this attack.
So, since I have full control of my server and monitor it closely I'm taking a risk that I feel comfortable with on this site, but I don't feel comfortable telling others to do the same, the best advice is to do what Scott Guthrie says and mojoPortal 126.96.36.199 is pre-configured according to what Scott Guthrie advises to make sure that mojoPortal users are protected.
Keep in mind that Microsoft is working on a real solution to the problem and this workaround is only a temporary measure until a Windows Update patch is released for this issue.