WordPress 2.8.6 Security Release

“WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.”
– no other specifications; what if you do not have untrusted authors, do you have to upgrade?
– Which are the endangered WordPress files? so we can simply replace them without having to do a complete upgrade. Questions that need answers. via [WordPress 2.8.6 ]