There is news of a worm which uses a vulnerability in the PHPXMLRPC libraries to spread a computer virus. Some articles are pointing to out-of-date information claiming that WordPress 1.5 is vulnerable. That is incorrect. WordPress 1.5 or higher is safe. Since the release of version 1.5, WordPress has used a completely different XML-RPC library, called IXR.
So, everyone running 1.5 or higher can breathe a collective sigh of relief.
Those of you running 1.2.x or lower? /insert theme from Jaws here