I received this message from the WordPress.Org feed found on my WordPress dashboard.
If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. Check out your friends blogs and if any of them are running 2.1.1 drop them a note and, if you can, pitch in and help them with the upgrade.
Why? Because :
Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.
I have upgraded this blog to WP 2.1.2.
Go upgrade yours as well. If you dare not touch it, maybe find someone you trust, offer them a reasonable fee and upgrade them for you? People’s time is money, you know? Or if you have good friends who can do it for you for free, even better. But the best is to learn to do it yourself. It is not difficult at all, once you get a hang of it.
There are plenty of online tutorial found on WordPress.Org’s support site.