If you have a WordPress blog it would be worth your time to install this update to 2.3.3, or at least replace xmlrpc.php.
This is being actively exploited. It would also be worth checking your old blog posts for subtly inserted links in the article text. You might find words that were in the original article now link to spam parking pages.