Yesterday the Joomla team released a security patch for Joomla 1.6.x and 1.7.0. The patch fixes two XSS vulnerabilities and one privacy bug. The update is highly recommended.
More details on the Joomla site here
The Ramblings of a Developer, Project Manager, Sys Admin and Tech Junkie