A security hole has been discovered in PHP versions from 3.0.10-3.0.18 and 4.0.1-4.1.1. Details are available here, and a patch is available from PHP.net.
If your PHP site is on a hosted server, it is probably a good idea to check to make sure your host is applying the patch.
