Yesterday, Joomla 3.6.5 was released. It's a high priority security release that needs to be applied as soon as possible. It fixes 3 security holes and all Joomla website owners should have this patch applied immediately.
Joomla! 3.6.5 Released (joomla.org)
Joomla! 3.6.5 is now available. This is a security release for the 3.x series of Joomla! which addresses three security vulnerabilities, miscellaneous security hardening and three bug fixes; no further changes have been made compared to the Joomla! 3.6.4 release. We strongly recommend that you update your sites.
What's in 3.6.5
Version 3.6.5 is released to address three security issues, miscellaneous security hardening and three bugs.
Security Issues Fixed
- High Priority - Core - Elevated Privileges (affecting Joomla! 1.6.0 through 3.6.4)
- Low Priority - Core - Shell Upload (affecting Joomla! 3.0.0 through 3.6.4)
- Low Priority - Core - Information Disclosure (affecting Joomla! 3.0.0 through 3.6.4)
- Security Hardening
TYPE OF UPGRADE: Security
MAJOR OR MINOR: Minor
SUGGESTED ACTION: Get it done now.
WHY: To fix security issues in the software.
Our Website Maintenance Department will be in contact with all of our clients running Joomla regarding these upgrades and we'll get you a quote.