    Author Topic: Multisig methods don't need multisig bitcoin to prevent thefts  (Read 2185 times)
    realnowhereman (OP)
    March 02, 2012, 11:34:36 AM
     #1

    People are talking about multisig support as if it would have prevented the recent thefts.  It probably would have; but it would be nothing to do with multisig.  That same security is (mostly) already available.

    Here's what Gavin said in the Ars Technica article:

    Quote
    Under the new system, wallets would contain only one of two private encryption keys needed to spend coins. The other key would reside on a separate machine at a different location. Software on the second machine would scrutinize proposed transactions to make sure they're legitimate, and wouldn't send an entire payment all at once.

    In other words: a second secure machine is needed to approve a transaction.  Let's say it's as simple as a message popping up on your mobile phone saying "approve the following withdrawals".  In multisig, answering "yes" would sign the transaction with the second private key.  That would definitely be great.  However, what is to stop the single current signature required being obtained in the same way it will be in this multisig world?

    No private key stored on the "hot" wallet; the mobile phone app stores the private key and signs on demand with approval from the owner.  Now imagine that that app was in Zhou or slush's pocket.

    This is not to say there aren't additional advantages to multisig (prevention of damage on theft of mobile phone being one), but the above would have prevented the thefts without needing multisig support to be ready.

    There are already people doing this: BCCAPI as used by BitcoinSpinner, Electrum, StrongCoin, Blockchain.info -- they all do off-server transaction signing.

    1AAZ4xBHbiCr96nsZJ8jtPkSzsg1CqhwDa