Hey guys, there's even more to this than just patching OpenSSL and obtaining a new certificate. The final step is to revoke the potentially compromised previous certificate. If a nefarious website compromises a certificate and the certificate is revoked your browser will still not know about it if you visit that nefarious website by accident because there is an option in your browser that checks for revoked certificate that is disabled by default.
In FF for example, go to options -> advanced -> validation. In the option "When an OCSP server connection fails, treat the certificate as invalid" is not checked by default. Check that option on! There is a little more overhead involved but at this point I think it is well worth it.
Facebook
Twitter