The WordPress team has WordPress 2.8.5 released today as a hardened version to make WordPress more secure. Since updating improves the security of your site, it is recommended that you update as soon as possible.
The main changes in this version are:
- A solution to the trackback attack currently running.
- Elimination of areas within the code where the PHP code was evaluated in variables.
- The file upload feature has been whitelisted for all users, including administrators.
- Remove the two old plugin tag importers.
If you think your blog has been one of the latest exploits, WordPress recommends using the WordPress Exploit Explorer to make sure all traces of the exploit have been removed.
Update now and follow the definitive guide to updating WordPress.