December 23, 2004 | In: work stuff
phpbb exploit
Kaspersky Lab, a leading developer of secure content management systems, has detected a new worm, Net-Worm.Perl.Santy.a. This worm infects certain web sites by exploiting a vulnerability in phpBB, a popular package used to create Internet forums. Santy.a is spreading rapidly, and has caused an epidemic. However, this does not directly affect end users – although the worm infects web sites, it does not infect computers used to view these sites.
The new phpbb exploit
... had to upgrade PHP to 4.3.10 and Zend Optimizer. No problem upgrading ... also applied this rule to mod_security to help prevent this attack.
SecFilter "viewtopic\.php\?" chain
SecFilter "chr\(([0-9]{1,3})\)" "deny,log"
You can also put this in an .htaccess file to prevent the attack:
RewriteEngine On
RewriteCond %{QUERY_STRING} ^(.*)highlight=%2527
RewriteRule ^.*$ - [F,L]
Source: WebhostingTalk.com
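To check whether requests matching these two rules already reached the server, the same patterns can be run over the Apache access log. This is an added example, not part of the original post or the WebhostingTalk thread; the log lines are constructed, and the rule labels `modsec_chr` and `rewrite_highlight` are names made up for this sketch.

```python
import re
from urllib.parse import unquote

# Patterns mirror the two rules on this page.
CHR_CALL = re.compile(r"chr\(([0-9]{1,3})\)", re.IGNORECASE)
HIGHLIGHT_2527 = re.compile(r"highlight=%2527", re.IGNORECASE)
# Client address and request URI from a common/combined-format log line.
ENTRY = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

# Constructed sample lines (documentation addresses, harmless values).
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Dec/2004:10:00:01 +0000] "GET /viewtopic.php?t=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [23/Dec/2004:10:00:02 +0000] "GET /viewtopic.php?t=42&highlight=%2527 HTTP/1.0" 200 5120',
    '192.0.2.12 - - [23/Dec/2004:10:00:03 +0000] "GET /viewtopic.php?t=42&highlight=chr(65) HTTP/1.0" 200 5120',
    '192.0.2.13 - - [23/Dec/2004:10:00:04 +0000] "GET /viewtopic.php?t=42&highlight=%2527&x=chr%2865%29 HTTP/1.0" 200 5120',
    '192.0.2.14 - - [23/Dec/2004:10:00:05 +0000] "GET /search.php?q=chr(65) HTTP/1.1" 200 900',
]

def classify(line):
    """Return (client, set of rule labels) for one log line."""
    m = ENTRY.match(line)
    if not m:
        return None, set()
    client, uri = m.groups()
    path, _, query = uri.partition("?")
    hits = set()
    # mod_security chain: a viewtopic.php request AND chr(NNN) in it.
    # Checked raw and once-decoded, since ( ) may arrive as %28 %29.
    if path.endswith("viewtopic.php") and (
            CHR_CALL.search(query) or CHR_CALL.search(unquote(query))):
        hits.add("modsec_chr")
    # Rewrite rule: literal %2527 in the raw query string. %25 is "%",
    # so %2527 becomes %27 and then "'" after a second decode.
    if HIGHLIGHT_2527.search(query):
        hits.add("rewrite_highlight")
    return client, hits

def scan(lines):
    """Map each flagged client address to the rules its requests matched."""
    flagged = {}
    for line in lines:
        client, hits = classify(line)
        if hits:
            flagged.setdefault(client, set()).update(hits)
    return flagged

if __name__ == "__main__":
    for client, hits in sorted(scan(SAMPLE_LOG).items()):
        print(client, ",".join(sorted(hits)))
```

Hits dated before the rules went in are the ones worth following up with a check of the forum's files.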
