Patches have been released. Make sure you apply the patch if you run your own servers, or contact your host to make sure they apply the patches. This is a big security hole because it allows people to read the files on your server (ie the files that contain sensitive customer or logon data) and also to save files to your server without your knowledge that will give the hackers full access.
In a nutshell, someone could take over your site(s) if the patch isn't applied. Note again, that they intial reports say the exploit only works on Windows servers, but since the exploit also exists in the *nix version of PHP it would still be wise to apply the patch.
More info on the exploit is available at SecurityFocus.com and patches are available from PHP.net. Affected PHP versions include:
- 5.0 candidate 1
- 5.0 candidate 2
- 5.0 candidate 3