Qualys has just reported that Oracle released a new version of Java yesterday: http://blog.qualys.com/laws-of-vulnerabilities/2016/03/24/oracle-out-of-band-release-for-java-0-day

They add that "Since Oracle choose to fix this vulnerability out of band, we can assume that a workable exploit of the vulnerability based on the published information  is relatively easy to come up with. You should give this fix high priority and address as soon as possible".

I presume we simply wait for e.g. OEMs and others to tell us, or when the likes of Secunia PSI pick it up.