Oracle’s Critical Patch Update Advisory for January 2021 includes an entry for Java. There’s a single security vulnerability in Java 8 Update 271 and, presumably, in earlier versions as well.
The risk of using an unpatched version of Java depends on how you use it. If it’s only used to run specific, business-related software, the risk is low. By far the biggest risk is Java code that arrives on your computer by way of compromised web sites, or in email.
Java’s newer, built-in security features make it less of a risk than in years past, but risk remains. As a rule, it’s best to keep Java up to date.
If Java is installed on your Windows computer, you’ll see an entry for it in the list of installed software in the Control Panel or Settings. You should also see an applet in the Control Panel for Java, which you can use to both check which version is installed, and update it if necessary.
To get to the Control Panel in Windows 10, click the Start button, then start typing “control panel”. You should see it in the search results as you type. Click the search result to get there.