20 minutes ago WordPress.org started rolling out a security update to several of the latest releases. By default, this update will happen automatically (automagically ;) ). But in case you have, turned off the automatic update, then this is gor you. The update fixes a whole bunch of XSS (Cross-site scripting) vulnerabilities that you WANT to plug as quickly as possible!
More information here: https://wordpress.org/news/2014/11/wordpress-4-0-1/