I’m sure most of you already saw this on Slashdot.
I’m kinda sketchy on the details, as I’m busy in the middle of upgrading my phpBB install, but it seems pretty dangerous. A lot of sites have already been defaced.
I know some team sites use phpBB or atleast PHP to run their site, so make sure its secure. (Rumors are that is actually a PHP exploit compounded by the recent highlight exploit in phpBB.)
There is a known exploit in PHP itself (the programming language). You should upgrade all servers to at least PHP version 4.3.10 and Zend Optimizer to version 2.5.7.
However, these are completely separate issues. Just upgrading PHP on the servers to the current version will not fix exploits in PHPbb.