Which sites have patched the Heartbleed bug?

 

We compiled a list of the top 100 sites across the Web, and checked to see if the Heartbleed bug was patched.

The Heartbleed bug is serious. Disclosed less than two days ago, the Heartbleed bug has sent sites and services across the Internet into patch mode.

For an in-depth explanation of what exactly Heartbleed is, and what it does, read this post by our own Stephen Shankland. In essence, the bug potentially exposed your username and password on sites like Facebook, Google, Pinterest, and more.

Using Alexa.com, we plan on going through the list of the top 100 sites in the US and asking "Have you patched the Heartbleed bug yet?" Once we have an answer, we will fill in the chart below with the response.

While we wait to hear back, we will be testing the sites against the Qualys SSL Server Test. There may be some instances where the patch isn't detected or a server can not be inspected (the site may be fine, but Qualys can not confirm that), in which case we will mark the site as "be on alert." When a site is marked as such, you should proceed with caution and contact the site or company directly if you have any questions pertaining to your account security.

You may notice some companies will be marked as "Was not vulnerable." In that case, the site in question does not use the type of OpenSSL encryption this bug was based on and your data was never at risk.

Site
Qualys
Confirmation from site

Google
Pass
Vulnerability patched. Password change recommended

Facebook
Pass
Vulnerability patched. Password change recommended

YouTube
Pass
Vulnerability patched. Password change recommended

Yahoo!
Pass
Vulnerability patched. Password change recommended

Amazon
Pass
Was not vulnerable

Wikipedia
Pass
Vulnerability patched. Password change recommended

LinkedIn
Pass
Was not vulnerable

eBay
Pass
Was not vulnerable

Twitter
Pass
Was not vulnerable

Craigslist
Pass
Awaiting response

Bing
Pass
Vulnerability patched. Password change recommended

Pinterest
Pass
Vulnerability patched. Password change recommended

Blogspot
Pass
Vulnerability patched. Password change recommended

CNN
Be on alert
Awaiting response

Live
Pass
Was not vulnerable

PayPal
Pass
Was not vulnerable

Instagram
Pass
Vulnerability patched. Password change recommended

Tumblr
Pass
Vulnerability patched. Password change recommended

Espn.go.com
Pass
Awaiting response

Wordpress
Pass
Awaiting response

Imgur
Pass
Awaiting response

Huffington Post
Be on alert
Awaiting response

Reddit
Pass
Vulnerability patched. Password change recommended

MSN
Pass
Was not vulnerable

Netflix
Pass
Vulnerability patched. Password change recommended

Weather.com
Be on alert
Awaiting response

IMDb
Be on alert
Awaiting response

Yelp
Pass
Vulnerability patched. Password change recommended

Apple
Pass
Awaiting response

AOL
Pass
Awaiting response

Microsoft
Pass
Was not vulnerable

NYTimes
Pass
Awaiting response

Bank of America
Pass
Was not vulnerable

Ask
Be on alert
Awaiting response

Fox News
Pass
Awaiting response

Chase
Pass
Was not vulnerable

GoDaddy
Pass
Vulnerability patched. Password change recommended

About
Be on alert
Awaiting response

BuzzFeed
Pass
Awaiting response

Zillow
Pass
Awaiting response

Wells Fargo
Pass
Was not vulnerable

Walmart
Pass
Was not vulnerable

CNET
Pass
Was not vulnerable

Pandora
Pass
Was not vulnerable

xHamster
Pass
Awaiting response

PornHub
Pass
Awaiting response

Comcast
Pass
Awaiting response

Stack Overflow
Pass
Awaiting response

Salesforce
Pass
Awaiting response

Daily Mail
Be on alert
Awaiting response

Vimeo
Pass
Vulnerability patched. Password change recommended

Flickr
Pass
Vulnerability patched. Password change recommended

USPS
Be on alert
Awaiting response

Indeed
Pass
Awaiting response

Hulu
Pass
Awaiting response

Answers
Pass
Awaiting response

HootSuite
Pass
Was not vulnerable

Amazon Web Services
Pass
Awaiting response

Adobe
Pass
Awaiting response

Blogger
Pass
Vulnerability patched. Password change recommended

Dropbox
Pass
Awaiting response

Reference.com
Be on alert
Awaiting response

AWeber
Pass
Awaiting response

UPS
Pass
Awaiting response

CBSSports
Pass
Was not vulnerable

Googleusercontent.com
Pass
Vulnerability patched. Password change recommended

Feedbin
Pass
Vulnerability patched. Password change recommended

Pinboard
Pass
Vulnerability patched. Password change recommended

GetPocket
Pass
Vulnerability patched. Password change recommended

IFTTT
Pass
Vulnerability patched. Password change recommended

PayScale
Pass
Was not vulnerable

This list is going to be live and constantly updated; please return to view the latest information as we get it.

CNET's Seth Rosenblatt contributed to this report