Yes, we'll upgrade. But when we feel it is stable enough. PHP is a tricky thingy. Newer knows whether all code developed for previous versions will work with a set of certain compilation options.
QUOTE
The PHP Group today announced the details of a serious CGI vulnerability in PHP version 4.3.0. A security update, PHP 4.3.1, fixes the issue. Everyone running affected version of PHP (as CGI) are encouraged to upgrade immediately. The new 4.3.1 release does not include any other changes, so upgrading from 4.3.0 is safe and painless.
The above announcement is written on php.net. We don't run PHP as CGI module, so there is no good reason to hurry to upgrade all the server.