Upgrade to WordPress 2.8.6 Now
WordPress 2.8.6 has just been released. Its a security update, which means that it fixes critical security vulnerabilities in WordPress 2.8.5.
You should upgrade to the latest version immediately using the automatic upgrade feature inside WordPress admin panel. Or, if you need more control, then you can always download the latest version (2.8.6) and upgrade manually.
Also don’t forget to backup the database and files before attempting the upgrade process. Although this security update only changes a few core files and doesn’t changes the database structure, it is still recommended to backup the database to be on the safe side.
If you are an advanced WordPress user, then here’s the detail about two security vulnerabilities that this WordPress 2.8.6 security update fixes,
The first problem is an XSS vulnerability in Press This found by Benjamin Flesch. The second problem, found by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
To fix both these security issues, upgrade to WordPress 2.8.6 now.
This update was really unexpected.. though this update seems to be only for those who have multi author blogs or is it for every one?
Yes, Harsh. You are right. This update fixes security vulnerabilities that can only be exploited by logged in users. So, its basically for multi-authored blogs only.
However, I still suggest you to upgrade to the latest version(2.8.6).