I didn’t bother mentioning the new PHP XML-RPC vulnerability to somebody yesterday, assuming they already knew. Alas, they got burned by it so I’m making it a point to mention these things in a widespread generic sense from now on.
As such: if you are running PHP content management systems like blogs, PostNuke or anything that uses PEAR XML_RPC <= 1.3.0, you need to drop what you are doing, log in as root, and run
pear upgrade XML_RPC
right now. See the PHP website for details.
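
To confirm whether a host is in the affected range before and after the upgrade, here is an added example (not code from the PHP project or from this post) that parses `pear list` output and compares the XML_RPC version against the 1.3.0 threshold named above. It assumes the usual package, version, state column layout; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether the PEAR-installed XML_RPC is at or below 1.3.0.

# version_le A B: succeed when dotted version A <= B, compared numerically per component.
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            # Missing components count as 0; a suffix such as "0RC1" coerces to 0.
            p = x[i] + 0; q = y[i] + 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 0
    }'
}

# xmlrpc_status: read `pear list` output on stdin and print one of
# "absent", "vulnerable <version>" or "ok <version>".
xmlrpc_status() {
    ver=$(awk '$1 == "XML_RPC" { print $2; exit }')
    if [ -z "$ver" ]; then
        echo "absent"
    elif version_le "$ver" "1.3.0"; then
        echo "vulnerable $ver"
    else
        echo "ok $ver"
    fi
}

# Constructed sample of `pear list` output (assumed column layout).
sample_pear_list() {
    cat <<'EOF'
Installed packages, channel pear.php.net:
=========================================
Package     Version State
Archive_Tar 1.3.1   stable
XML_RPC     1.3.0   stable
EOF
}

# Use the real installer when present, otherwise show the constructed sample.
if command -v pear >/dev/null 2>&1; then
    pear list | xmlrpc_status
else
    sample_pear_list | xmlrpc_status
fi
```

This inspects only the copy managed by the pear installer, so a result of "ok" or "absent" says nothing about XML_RPC files shipped inside an application's own directory.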