In response to the serious vulnerability that has been found in the current PHP release, the PHP group has put out a new version that will take care of this bug:

The PHP Group has learned of a serious security vulnerability in PHP versions 4.2.0 and 4.2.1. An intruder may be able to execute arbitrary code with the privileges of the web server. This vulnerability may be exploited to compromise the web server and, under certain conditions, to gain privileged access.
PHP contains code for intelligently parsing the headers of HTTP POST requests. The code is used to differentiate between variables and files sent by the user agent in a "multipart/form-data" request. This parser has insufficient input checking, leading to the vulnerability.

So, if you're using the older version of PHP currently, you should seriously consider upgrading to the latest - PHP 4.2.2. For more details on the bug, visit the PHP.net post about the bug. The new 4.2.2 release doesn't include other changes, so upgrading from 4.2.1 is safe and painless.