The PHP Group has released PHP version 5.2.8 to address a vulnerability in the magic_quotes functionality. This vulnerability was introduced in PHP version 5.2.7. In addition to correcting this regression, PHP version 5.2.8 addresses a number of vulnerabilities that were originally addressed by version 5.2.7.

US-CERT encourages users to upgrade to PHP 5.2.8 or implement the workaround as described in the PHP 5.2.8 Release Announcement.

Read more: US-CERT Current Activity