The situation is, indeed, serious. "'Catastrophic' is the right word," says Bruce Schneier, noted cryptographer and computer security and privacy specialist. "On the scale of 1 to 10, this is an 11."
"At this point, the odds are close to one that every target has had its private keys extracted by multiple intelligence agencies. The real question is whether or not someone deliberately inserted this bug into OpenSSL and has had two years of unfettered access to everything," he adds.
Unfortunately, there is nothing you can do about that. If the information has been collected, and those private keys compromised, all past communications between your computer and various Web servers can be reviewed. Still, future communications can be protected.
The question of whether OpenSSL should be rewritten completely has been bandied about, but even if the answer is yes, a solution could be years away.
In the meantime, some OS developers and vendors have already issued new OpenSSL packages that fix the issue, and others are expected to do so shortly. Affected sites - especially high-profile ones - are doing the same, and are revoking and replacing their old TLS certificates with new ones in case they were compromised.
The next move must be made by the users, who are strongly encouraged to change their account passwords on these sites - but not before the administrators have fixed the issue. For example, Ars Technica has already fixed the issue and alerted its users, and so have Tumblr, Imgur, OKCupid and Yahoo!
The main problem is that many of these sites will likely fail to send direct messages to registered users about the password-changing requirement. It would be ideal if they reset all the passwords and forced users to choose new ones.
If you want to check whether a website is still vulnerable, you can do so through this website, set up by cryptography consultant Filippo Valsorda, or via Qualys' SSL Labs Server Test.
Admins of vulnerable sites will have to do more work.
"It's difficult to underestimate the impact of this problem. Although we can't conclusively say what exactly can leak in an attack, it's reasonable to assume that your private keys have been compromised," explained Ivan Ristic, Director of Engineering at Qualys.
"Addressing this issue requires at least three steps: 1) patch, 2) replace the key and certificate, and 3) revoke the old certificate. After that you will need to consider if any additional data might have been leaked too, and take steps to mitigate the leak."
Here are two good sources on how to go about doing this.
"Unless your server used Forward Secrecy (only about 7% do), it is also possible that any past traffic could be compromised, but only if you are faced with a powerful adversary who has means to record and store encrypted traffic. If you did not support Forward Secrecy before, now is a great time to ensure you do support it from now on," Ristic added.
The advice was repeated by F-Secure researchers, who also advocate a review of certificate generation settings and server configuration while you are fixing the issue.
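One way to run the Forward Secrecy part of that configuration review, as an added example that is not from the article, Qualys or F-Secure: it expands an OpenSSL-format cipher string (the format Apache and nginx accept) with the local OpenSSL build and lists every suite that would not give Forward Secrecy. The function names are hypothetical and both cipher strings are constructed samples.

```python
import ssl


def has_forward_secrecy(suite):
    """suite is one dict from SSLContext.get_ciphers()."""
    name = suite["name"]
    # Every TLS 1.3 suite uses an ephemeral (EC)DHE key exchange.
    if suite.get("protocol") == "TLSv1.3" or name.startswith("TLS_"):
        return True
    # TLS 1.2 and earlier: OpenSSL suite names lead with the key exchange.
    # Anything else (static RSA, anonymous ADH/AECDH, plain PSK) is flagged.
    return name.startswith(("ECDHE-", "DHE-"))


def expand(cipher_string):
    """Resolve a cipher string into the suites this OpenSSL build enables."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx.get_ciphers()


def non_fs_suites(cipher_string):
    """Names of enabled suites whose key exchange is not ephemeral."""
    return [s["name"] for s in expand(cipher_string)
            if not has_forward_secrecy(s)]


if __name__ == "__main__":
    # Constructed sample configurations, not taken from any real server.
    samples = {
        "forward-secret only": "ECDHE+AESGCM",
        "with static-RSA fallback": "ECDHE+AESGCM:AES128-GCM-SHA256",
    }
    for label, cipher_string in samples.items():
        weak = non_fs_suites(cipher_string)
        verdict = "OK" if not weak else "no Forward Secrecy: " + ", ".join(weak)
        print(f"{label:26} {cipher_string:32} {verdict}")
```

A suite flagged here protects past sessions only as long as the server's long-term private key stays secret, which is the exposure Ristic describes for recorded traffic.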