SUPEE-9767 comes with a brand new Form Key validation on the checkout page. This is in order to prevent some cross-site scripting attacks on the checkout page.
So for that, Magento includes a new form key validation that can be enabled from the Admin Panel.
This option is available in:
Admin Panel > System > Configuration > Advanced > Admin > Security > Enable Form Key Validation On Checkout.
It is highly recommended to enable this option, so make sure to turn it on.
Checkout Not Working
A very known issue caused by this patch is that you might have a custom theme which should be overriding Magento checkout’s view files.
Magento added the following portion of code in line 40:
<?php echo $this->getBlockHtml('formkey') ?>
If you are using a custom theme called “rwd/codealist”, you won’t have this line. So you need to add it to each phtml file related to the checkout page.
Those can be the following
In conclusion, you should check if your custom theme is rewriting any of this files, and add the portion of code mentioned above on each file.