I just found out about this about a half hour ago. For the time being, I have performed the temporary fix
which avoids this problem. I couldn't perform the 2.0.11 update since I have customized a bunch of PHPBB 2.0.6 scripts myself, and only have a record of what I changed on my work computer. I'm on vacation right now, but will be popping into work in a few days. Maybe I'll do it then.
FYI, as my host struggles with issues as a result of this worm, the site may be offline from time to time... as it was about a half hour ago, which is what caused me to look into what was going on...!
It's pretty nasty to release out a brand new exploit worm like this just before Christmas when everyone is on vacation!
Thanks for the info, Jaap.