The WordPress development blog has an entry up alerting users of the popular blogging software about their latest security update:
It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if youâ€™re running the default template. We were able to respond very quickly (under 40 minutes) and update the download to 22.214.171.124. You can upgrade by overwriting your old 1.5 files or if you would like to apply the fix manually it is relatively simple
The latest version, 126.96.36.199, is available from the WordPress download site, along with installation and upgrade instructions.