Vulnerabilities of Heartbleed's magnitude are rare. The security bug has its own website and logo. It's being discussed not only in security circles but across IT and beyond. Businesses are concerned. End users are concerned. Everyone is potentially impacted by this one, making it the most significant vulnerability in years.
Eventually the chaos will subside and folks will start looking at how such vulnerabilities can be better mitigated in the future. At this point patches are rapidly becoming available and organizations will certainly apply those fixes as quickly as possible. But in the meantime, they -- and anyone interacting with them -- remain open to exploitation.
This leads to a serious question: how can organizations stop a heartbleed so they can get to the operating room to fix it permanently?