Tuesday, January 16, 2018

Hypothesis

The "Meltdown" and "Spectre" vulnerabilities are currently making the news, and fixes are being fielded as I type. There is an impression that these processor-centric problems cannot be fixed. Well, kinda. I'll (at the risk of looking uninformed if you compare my picture here to CERT or somebody) offer a grossly simplified explanation. The bottom line, though, is UPDATE EVERYTHING. For now, at least, it's a software issue.

The kernel of any operating system (Windows, Linux, CP/M, whatever; everything has a kernel) is its internal part, the "guts" that handle matters more fundamental than human interaction. It has three jobs: file system management, memory management, and CPU scheduling (the "job stack"). The second of those, managing memory, is the key to the current issues. The kernel knows how the physical processor (or a cloud simulation of one) arranges physical memory, and the kernel itself decides what memory, and how much of it, goes to this process, that application, or that other cron job when it fires.

Suppose - just suppose - that the Bad Guy could stick a virus (here, a surreptitious, unauthorized kernel module) into a kernel. In theory that would let the virus/worm/nasty eavesdrop on exactly which memory locations a particular interesting process was using, and look into those locations (before they are wiped) for any data left behind after the process runs. If the nasty finds data, it could copy it and send it to the IP address of Nasty Person Central, at least if it is network-capable and senses a usable connection to the outside world. Which would be a good bet.

Processor redesign could make this crack harder, but working it into the plans of all the chip makers will take months or years. Software changes are possible quickly, though: they are being rolled out now and will continue to be developed for months. The action plan:

1. DO ALL BACKUPS IN CASE PATCHES BREAK SOMETHING.

2. RESEARCH AND FIND PATCHES FOR YOUR STUFF.

3. WARN DOWNSTREAM USERS OF MAINTENANCE TIME WINDOWS BEFORE THEY HAPPEN.

4. PATCH ALL OPERATING SYSTEMS AND APPLICATIONS THAT MAY BE AFFECTED BY MEMORY EXFILTRATION PROBLEMS.

5. Follow authorities like the common vulnerabilities page and NixCraft for the latest news and workarounds.
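As a concrete check for step 4, added here and not part of the original post: Linux kernels that carry the fixes report a per-issue status under /sys/devices/system/cpu/vulnerabilities/ (one file per issue, such as meltdown or spectre_v2, each reading "Not affected", "Mitigation: ...", or "Vulnerable..."). This POSIX sh script classifies each entry, exits non-zero if anything is still reported vulnerable, and treats a missing directory as an unpatched kernel; the class names (ok, vulnerable, notaffected, unknown) and the "scan" argument are my own choices, not anything the kernel defines.

```shell
#!/bin/sh
# Added example: summarize the kernel's self-reported Meltdown/Spectre
# mitigation status. The classifier works on any status string, so it can
# be exercised on constructed input without touching /sys at all.

VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status STATUS -> prints one of: ok vulnerable notaffected unknown
# The kernel reports partial mitigations as "Vulnerable: <detail>", so the
# "Vulnerable"* pattern deliberately catches those as still vulnerable.
classify_status() {
    case "$1" in
        "Not affected"*) echo notaffected ;;
        "Mitigation:"*)  echo ok ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report_dir DIR -> prints "name class status" per entry.
# Returns 0 if nothing is vulnerable, 1 if something is, 2 if DIR is absent
# (a kernel that predates the status interface, i.e. unpatched).
report_dir() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "no $dir: kernel predates the status interface, treat as vulnerable" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -r "$f" ] || continue
        status=$(cat "$f")
        class=$(classify_status "$status")
        printf '%s %s %s\n' "$(basename "$f")" "$class" "$status"
        [ "$class" = vulnerable ] && rc=1
    done
    return $rc
}

# Scan the live system only when invoked as "sh check.sh scan", so the
# functions above can also be sourced or tested on their own.
if [ "${1:-}" = scan ]; then
    report_dir "$VULN_DIR"
    exit $?
fi
```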