On the off chance that you haven’t heard the news yet. You should upgrade your WordPress install straight away. Don’t hesitate, do it now. Don’t pause to grab a cup of coffee. If you’re just waking up then rub the sleep from your eyes and jump to the download page and grab WordPress 2.1.2.
Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.
Users running from svn code aren’t affected, but then you probably already knew that already didn’t you? You should be subscribed to Hackers and Testers lists.
Don’t worry if you’re running a WordPress MU site. That isn’t affected, although you should upgrade to the latest 1.1.1 release as that fixes a number of problems with 1.0 as well as merging in some security fixes from WordPress core.
WordPress.com users have nothing to worry about.