There is a bunch of info regarding this bug over here: http://heartbleed.com/ but it is mostly geared to server administrators.
This explanation is more suited to users: http://www.vox.com/2014/4/8/5593654/...romise-privacy
As far as users are concerned, there isn't much they can do except check with any sites they use and see if they have been patched.
If they have been patched, change your passwords. I would even go so far as to change passwords for sites that say they are unaffected, just in case.
There are some resources to help with that including a scanner from LastPass: https://lastpass.com/heartbleed/
I also found a small list of commonly used sites that said if they were affected or not. It can be found here:
Hope this helps.