WordPress worm leads to site defacement

http://www.securityfocus.com/brief/1008?ref=rss

WordPress is warning its users of a new worm that is currently
spreading. If you have not installed one of the last two updates,
released on August 3 and August 12, you are vulnerable to the worm.

This worm posts spam as an admin user.

It is recommended that all WordPress sites update to the latest version.

This is a Severity 1, Priority 1 issue.

Severity 1: This vulnerability is the most severe. It poses high risk to
the other groups/schools or the entire Institute as a whole. This also
may be a vulnerability that puts the image of the Institute at risk.

Priority 1: This vulnerability is the most severe. It is actively being
exploited, or exploitation is imminent. Other outside businesses or
schools are actively being exploited.