WordPress 4.2.4 is now available and as this is a security release for all previous versions with no less than SIX security issues found and fixed, we strongly encourage you to update your sites immediately.
WordPress versions 4.2.3 and earlier are affected by three further cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a website. It also fixes a potential timing side-channel attack and prevents an attacker from locking a post from being edited.
In addition to these two important issues, WordPress 4.2.4 also contains fixes for a further 4 bugs from 4.2.3
Sites that support automatic background updates have already started to be upgraded automatically and if your site doesnt already support this feature then we STRONGLY advise you to enable it. Otherwise you need to go to the Dashboard / Updates area and click “Update Now.”