http://wordpress.org/development/2009/09/keep-wordpress-secure/

Knowing logically that websites can be infected with virus and reading a blog engine developer’s lengthy advice to upgrade the blog engine you are using to prevent getting infected with a worm is quite different. Nowadays malware are everywhere. πŸ™ Good thing is my blog and webbies are up to date.Β  If you or somebody you know is using a WordPress version that has not patched the security vulnerability, heed Matt’s advice.