Further analysis has shown that although older versions of phpBB are vulnerable, phpBB 2.0.11 is not.
Therefore we strongly urge everyone to update to phpBB 2.0.11 to prevent infection by this Worm.
Today we received reports about certain sites being defaced. Investigation has shown that a worm which utilizes a vulnerability in phpBB is responsible for this.
PhpBB is a very popular software to use for internet boards/forums, so this affects a lot of sites. Therefore we are putting a Red Alert on it.
Currently there is no patch for this problem, only a work-around, which can be found here.
The worm is extra tricky because it replaces asp/php/htm/shtm files with its own code, not only meaning that you might lose data, but also that other sites using the same host get infected.