WordPress released a minor security release during the week which fixes a problem with the XML-RPC remote publishing interface which allowed unauthorised users to delete posts. The only significant files updated for this release are xmlrpc.php and update-core.php.
This update is only vital for those of you who have remote publishing enabled. I would normally advise you all to upgrade whenever a new release has been announced but this is such a small update that it’s probably not worth your while unless you use remote publishing.
More information about this release can be found at the links below.