We recently contacted VaultPress customers who were affected by the TimThumb image library vulnerability with instructions on how to secure their sites. As previously noted, the vulnerability allows third parties to upload and execute arbitrary PHP code in the TimThumb cache directory, compromising your entire WordPress site.
After some additional work, we’ve gone ahead and fixed the vulnerability for most of the affected VaultPress customers who haven’t yet updated their sites. We’ve fixed 712 copies of the script across our customers’ sites. We’ve sent out emails to all affected customers detailing what we fixed, and if there is additional cleaning that still needs to be done.
We provide services like this to sites under our care because keeping sites safe and secure is something that we’re passionate about. We like to think that each of the 712 files we fixed helps make the Internet that much better of a place.
Please refer to our instructions for updating TimThumb if you must continue to use it on your site. Customers can also contact the VaultPress Safekeepers directly for help from the VaultPress dashboard.
VaultPress Blog 
Just a quick note, maybe you want to look at the new WordThumb created by mark maunder base on timthumb, http://code.google.com/p/wordthumb/
I get the feeling there’s a lot of un-coordinated work happening around TimThumb right now. Between you guys, the original TimThumb developer and the new WordThumb fork, a single orchestrated effort could go a long way.
We and some WordPress contributors have submitted patches directly to the author of TimThumb: http://code.google.com/p/timthumb/issues/detail?id=212
Pingback: TimThumb Updated To Version 2
Pingback: WordThumb project merges with TimThumb, Mullenweg comments | WPCandy
Pingback: Five WordPress Tune-Up Tips for the New Year | WP Apprentice
Pingback: Script Installation Service