Intel-owned security firm McAfee has released a free tool to check if websites are still vulnerable to the catastrophic Heartbleed bug found recently.

The simple tool allows web users to type in a URL or IP address to see if the vulnerable version of OpenSSL is still being used.

This overcomes the issue of users not knowing if they should update passwords, due to lack of communication from many companies about whether or not they have patched the bug.

Changing passwords before the bug is patched will mean hackers could still access the new password. However, many popular websites like Facebook and Google are already fixed.

Regaining confidence

"It's important that users first check to make sure the websites they frequent are updated before changing their passwords," said Gary Davis, VP of consumer marketing at McAfee.

"In the wake of confusing information floating around, our tool makes it easy for consumers to quickly access the information they need. Armed with this information, consumers can decide when it is time to change their passwords and regain confidence in a safe web surfing experience."

Similar tools are available from other security firms and professionals, like this one.