For those of you who have an IP-based virtual server running on Apache 2.x, the WordPress team has recommended that you immediately upgrade to WordPress 2.6.5, or at least upgrade the wp-includes/feed.php and wp-includes/version.php files.
Other changes mentioned:
2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.
Oh, and in case anyone else noticed, it looks like they skipped releasing WordPress 2.6.4 completely. I assume this is due to the fake WordPress 2.6.4 release, which was released by someone pretending to be the WordPress team and contained a trojan horse virus. Smart move as this should help avoid confusion.
Kyle Eslick
Kyle Eslick is the founder and primary author of WordPress Hacks. You can learn more about him at KyleEslick.com or you can follow his personal tweets here.
14 feature in theme looks quite interesting but yet have problem on SEO with some theme of Wordpress. 
Nicen themes, good work :) 
How to display my wordpress site's tags as cloud in another html site? is there any code? I want to ...
Thanks for releasing this version. 
As your site has a lot of widgets, so I think it will significantly reduce the server usage. 
Hi and thanks for the post, I was browsing your site when I saw your post. I have already updated to the new version.
woohoo yet another updte and 2.7 is only around the corner.