The Heartbleed Bug Is Mostly Fixed, But There Are Still More Than 20,000 Websites Vulnerable
Chances are, most of the important websites you're using on a daily basis have applied the necessary updates to patch the vulnerability.
Only 53 of the top 10,000 websites are still vulnerable, according to data from Sucuri's scans. The company didn't reveal which websites are still susceptible to Heartbleed, but chances are they're not websites you're using on a regular basis.
However, there's a sizeable chunk of the Web that's still being affected by the Heartbleed vulnerability. Of the top 1 million websites, 2% are currently vulnerable to the security flaw. That means that more than 20,000 websites are still affected by the Heartbleed bug. Again, Sucuri didn't name any specific websites, but the more popular a site is the better chance there is of it having been fixed.
If you're unsure whether or not one of your favorite websites is still being affected by Heartbleed, use this test site to run a scan and check whether it's been fixed.
The Heartbleed bug is a security flaw with OpenSSL, a popular encryption standard used by a giant portion of the Web. The bug can allow an attacker aware of the flaw to trick a server into spilling out data from its memory, which can include personal information such as passwords and credit card numbers.
Although many of the major sites have updated their servers to a newer version of OpenSSL that isn't vulnerable to the bug, it's still a good idea to change your passwords.