

Attackers target unpatched PHP bug allowing malicious code execution - abraham
http://arstechnica.com/business/news/2012/05/attackers-target-unpatched-php-bug-allowing-malicious-code-execution.ars

======
shebson
Because this only affects PHP running in CGI mode, it should really only
affect out-of-date systems. By default with Apache 2, PHP is run by the Apache
2 Handler (which isn't vulnerable). Even before that, mod_php has been
standard for quite a while.

