Post of April the 3rd, 2007 (today) taken by the WordPress.org official blog:
WordPress 2.1.3 and 2.0.10 By Matt. Filed under Security, Releases.
We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommend for all users of both branches.
These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the WordPress codebase to protect against future problems. Many thanks to Sumit Siddharth and Alex Concha for their help with reporting issues in this release.
As an update to the systems issue we had last month, we have taken dozens of additional precautions with the servers and systems that run WordPress.org and they appear to be working well, despite hundreds of hack attempts after we publicly disclosed there had been a problem. We are also now aggressively monitoring all downloads for any changes or modifications, and we are confident the same type of problem won’t happen again.
If you are on 2.1, it's useless to do backups or something like it: the
wp-admin/upgrade.php script will not touch the DB. So... update peacefully (and pleasantly). For the others still on 2.0.x: why not upgrade now?