Apple has released a security fix for iOS 4 and users now have to decide whether or not to install the update. There are pros and cons to installing the update, mostly revolving around whether or not you're interested in jailbreaking your device. The security problem was first discovered and used by the Dev-Team to hack iOS 4 and provide a simple way to jailbreak through the Safari browser.
Now that Apple has released a fix, the developer responsible for the JailbreakMe 2.0 in-browser jailbreak software has made the source code of his exploit public. Let's be clear, the iOS 4.0.2 update will make jailbreaking with JailbreakMe 2.0 impossible, however now that the source code of the jailbreak is public, security threats are bound to multiply.
Until now, the only software taking advantage of the security hole patched by Apple in 4.0.2 was JailbreakMe, but now that the source code is public it's possible that unscrupulous developers could make a malicious program to infiltrate iPhones running earlier firmware versions through the PDF viewer in Safari. The whole key to keeping safe is not opening suspicious or unknown PDF files through the Safari browser on your iPhone.
Ironically, while Apple has not released a PDF security hole fix for earlier devices such as the original iPhone, underground developers have made the patch available to everyone via the Cydia jailbreak app store. In order to jailbreak iOS 4 or 3.x you must use JailbreakMe 2.0, then with an older jailbroken iPhone you can access the security fix for the same exploit the jailbreak uses to gain access to your device.Similarly, developers have released a jailbreak app called PDF Loading Warner that asks users whether or not they want to load a PDF file in Safari, possibly preventing the execution of malicious code on their devices. Before you can install this warning system you have to make use of the same security hole to jailbreak the iPhone with JailbreakMe 2.0.
So here's the short answer. If you want to jailbreak your iPhone, don't use Apple's official firmware, but take advantage of the PDF security tools available after you jailbreak to help reduce the chances of problems later. If jailbreaking doesn't interest you at this time, definitely install iOS 4.0.2 so you can have a secure device and not worry about any malicious software that comes your way via PDF files.