WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of
xmlrpc.phpand copy it over your existing
xmlrpc.php. Otherwise, you can get the entire release here.
I have not yet update my blog, I believe that I am not affected since my blog is run by me only. I will just wait for the next WordPress and i hope it will have a 1 push button update. To avoid the problem that may occur during manual update.