Earlier today Drupal ORG announced an important update 7.67 that fixes security vulnerabilities and urged to upgrade immediately sites effected. There were no changes made to the .htaccess, web.config, robots.txt or default settings.php files. That means no need to update custom versions of those files if your site is already on the previous release.
First make a backup! There are four main ways to update Drupal core if you already have an existing website. The easiest one, recommended for newcomers, is manual download of a new Drupal archive file version, uploading it to your website home folder and extracting file archive. Second put website in maintenance mode, and delete all former Drupal files except the sites directory and .htaccess, web.config, robots.txt or default settings.php files for this release. Run update.php. and switch off maintenance mode.