The first of two exploits can render the Windows kernel corrupted and thus the machine unbootable, and apparently is the simpler of the two. An easy fix, for a techie, but a nightmare for others.
The second flaw, also through the HP Update Software, is less dangerous and requires more user intervention, via clicking a link to a malicious site. It affects Windows 2000, XP and Vista, whether you are using IE6 or IE7. Obviously it is up to HP at this point to post a fix, and they definitely should do such soon.