Which old clients (if any) are affected? I am still running v0.8.5-beta

All versions of Bitcoin-Qt are affected by the rpcssl part of the vulnerability if they are linked with an affected OpenSSL version.

From given links in this topic i use the win x64 version on windows 8.1
I am pretty sure its false positive of the av programs

Did you check control sums? Just offload bitcoin.org a little bit
By the way may this bug be used to empty gox and bitfunder?

Well to be sure i rescan now with eset/kapersky and a few others to see if any trojan/virus is found
My weekly scan with my 12 av products was overdue a few days so doing it now
The installer i downloaded from bitcoin.org does seem clean as wel
 

I was using Mac OS X Bitcoin-Qt 0.8.6. As far as I know, I've never used the rpcssl command line option.

So if this rpcssl option is not on by default, then this vulnerability could not have affected me, right?

I've already updated to 0.9.1. I just want to know if I have to go through the emergency measures of creating a new wallet and transferring everything to it.

That's kind of disruptive because it means updating all my miner configs as well. Unless I can preserve my old addresses in the new wallet. Never had to do that so I don't know if it works or not.

SHA-256 checksum of the magnet link matches what I have from the bitcoin.org download.

On the other hand, it's a critical piece of software and only ~60MB; I would still only download from the official source.

If wallets were 100% time offline - I think they can't be abused by this bug.

I'm also curios. I'd rather not update if not necessary.

If necessary, is a standard update ok? Or is an entirely new wallet required?

Yes alt-coin wallets are affected. Unless they switched out openssl.