How do I upgrade my timthumb.php script to the latest version?

Awesome question, Sean! :D

First, you need to find your existing timthumb.php script. You can do that with the find command:

find ~ -name timthumb.php

The result of the command will look something like this:

/home/you/webapps/wp/wp-content/themes/sometheme/timthumb.php
/home/you/webapps/otherwp/wp-content/themes/othertheme/timthumb.php

You can then replace each one with the following commands:

wget -O /home/you/webapps/wp/wp-content/themes/sometheme/timthumb.php http://timthumb.googlecode.com/svn/trunk/timthumb.php
wget -O /home/you/webapps/otherwp/wp-content/themes/othertheme/timthumb.php http://timthumb.googlecode.com/svn/trunk/timthumb.php

If you're feeling brave, you can replace them all at once with a single command (you might want to back up your existing scripts first):

find ~ -name timthumb.php -exec wget -O {} http://timthumb.googlecode.com/svn/trunk/timthumb.php \;

Sometimes the script is named something else, like "thumb.php" - in that case, just modify the above commands to match whatever filename you need.

You'll also want to look in the thumnbnail cache directory, for example /home/you/webapps/wp/wp-content/themes/sometheme/cache, and delete any PHP files you find in there (since those are most likely malicious script that was uploaded via the exploit).

If your images aren't appearing after upgrading the script, then try setting the PHP DOCUMENT_ROOT as described here: Configuring DOCUMENT_ROOT. This problem usually happens for sites that serve multiple applications. If you're only serving a single app from your site, then you're probably not affected by it.