Some websites have implemented the fix, but not all. As I understand it (I'm not a systems programer); If the site is still vulnerable, all changing you passwords will do is allow an eavesdropper to capture your new password. Not vulnerable sites have been fixed and should have the passwords changed, and No SSL sites require no action. Though if you share a password/username with an affected site, it would be prudent to change it.
WARNING & DISCLAIMER:
SELECT AND USE OUTDOORS AND SURVIVAL EQUIPMENT, SUPPLIES AND TECHNIQUES AT YOUR OWN RISK. Information posted
on this forum is not reviewed for accuracy and may not be reliable, use at your own risk. Please
review the full WARNING & DISCLAIMER about information on this
site.