A new Update 17 version for JRE and JDK closes some major risks, including "arbitrary code execution," according to US-CERT.
Sun's new software versions, released yesterday, also address privilege escalation, denial of service, and information disclosure vulnerabilities, according to US-CERT's post. Unless you've turned it off, Java will check for updates automatically, but will only do so once a month (on a day that varies per installation).
To grab the new version right away, double-click the Java icon in the Windows Control Panel to bring up the Java control panel. Head to the Update tab, and then click the Update Now button.
Alternatively, you can download the new versions from Sun's Java site, which also has full details on both updates.