Other than mining (preferably solo) and running bitmonerod, is there anything else that regular Monero users can do in the immediate future to help defend against the expected attack tomorrow, or allow faster repair of the damage if any?
If there is evidence of an attack or even when an attack seems likely the best thing to do is simply not engage in transactions. The old part of the blockchain will be fine regardless.
We don't find credible the claim of an attack against private keys (see mathematical analysis posted here). Of course we could be wrong, but we will cross that bridge if and when we come to it. No one can guarantee zero risk, but we believe this risk is very low.
You don't need to personally back up your blockchain, if there is an kind of attack against it there will be an update that will recover it just as there was with the last attack, which was likely far more sophisticated in terms of technical knowledge required than anything BCX has in mind, but that is just my guess. It can't hurt though.
Don't panic (ever). Wait for further updates.
Thanks, are you recommending to refrain from any transactions even now, many hours before the alleged start time of the attack (or is there a time later today after which we should hold off)?
I have not made any specific recommendation other than what I said above, please use your best judgement. We will have another statement later.
Is that only because the attack might start earlier than promised?
Of course it could.
Specifically, would you advise not withdrawing recently purchased XMR from an exchange to a private wallet? Normally I prefer to withdraw quickly to reduce exchange risk, but under the current circumstances, would withdrawing create greater risk?
See above please.
Anonymint recently claimed XMR might be subject to theft if it was previously mixed. Although I understand such theft may be unlikely, is there any way to reduce that risk for XMR previously withdrawn from an exchange (so the prior history is unknown but may include a mix)?
Our mathematical analysis suggest that his suggested attack is implausible. I think he largely agreed in his last posts on the matter. As I said, we can't guarantee zero risk, but have zero knowledge of a credible threat against private keys (other than your own storage of them).
I mentioned backing up the blockchain because I thought some people needed to download the blockchain again after the recent fork, but I may have misunderstood.
Only very few did, but I did edit my reply above to suggest that backing up is not a bad idea in any case.