The Heartbleed bug isn't going away.
Many of the large sites say they've plugged the flaw - which could give enterprising hacker just about any hidden passwords and personal information on any web site - but many others haven't.
The bug was caused by an unforeseen side-effect in a seemingly innocent bit of programming code. Click here for my detailed explanation of how Heartbleed actually works.
There's also a lot of misinformation out there; click here to read 5 Heartbleed myths you shouldn't believe.
In the meantime, though, as all of us continue to use the Internet, particularly on sites we've given personal information or credit card numbers to, we need to proceed with care - and check which sites still haven't fixed the bug.
Norton, a respected Internet Security company, has a site up that checks sites for the Heartbleed bug quickly and efficiently. There are clear error explanation messages, too.
Check it out: Click here to check your site for the Heartbleed bug.
The bad news is that if you find a site where there is a vulnerability, you're in a bind - if you change your password immediately, which is sensible, that site remains vulnerable.
My advice is to be cautious - and keep personal data like credit card numbers off of sites that aren't yet fixed.