A new version of Magento has been released. Since a few security issues have been resolved, we’re considering this a security fix and we recommend all Magento website owners have this upgrade done.
Magento Open Source 220.127.116.11 Release Notes (Magento.com)
This version (or patch SUPEE-10888, which applies to older versions of Magento) provides resolution of multiple critical security issues. These critical security issues include remote cross-site scripting and cross-site request forgery issues. We recommend upgrading your Magento store to this latest version. See Magento Security Center for a comprehensive discussion of these issues.
Note: With this release, Magento is announcing the following support policy: For Magento Open Source 1.5 to 1.9, Magento will provide software security patches through June 2020 to ensure those sites remain secure and compliant. Visit our information page for more details about our software maintenance policy and other considerations for your business.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.
Magento has also announced the end of life for the 1.x version:
Supporting Magento 1 through June 2020 (magento.com)
For Magento Open Source 1 (formerly known as Community Edition):
For Magento Open Source 1, we are providing software security patches through June 2020 to ensure those sites remain secure and compliant. Please visit our Legal Terms page and review our Magento Open Source Software Maintenance Policy to see which versions of Magento Open Source 1 continue to receive software security maintenance.
It looks like support will end in July 2020, so that's about a year and a half to either make the migration to Magento 2 or maybe go over to WordPress with WooCommerce. We'll be contacting our Magento 1 clients in a bit with proposals that have these options.