Someone might want to address the post by duskglow, that begins with "Ah, heck. I think this bug is being actively exploited, .." http://wordpress.org/support/topic/134928/page/2#post-686503