If the reports are accurate, it appears that Intel might have a pretty severe chip-level security bug on its hands that cannot be simply swatted away with a microcode update. The bug affects all modern Intel processors dating back at least a decade. We should note that squashing the bug requires a patch at the OS level, and Linux patches have already been distributed (with redacted comments). Microsoft is expected to address the bug in its monthly Patch Tuesday update.
In a nutshell, the bug allows everyday programs to "illegally" access certain contents in protected kernel memory. The "fix", so to speak, is to implement Kernel Page Table Isolation (PTI), which, for all intents and purposes, makes the kernel invisible to running processes. In a perfect world, such training wheels shouldn't be needed to isolate the kernel, but software patches that are nearing release for Windows, Linux and macOS systems will address the exploit head-on.
There's one big problem, however. Fixing this vulnerability in software also comes with a big hit on performance. Additional overhead is introduced to maintain a barrier between memory address spaces, which can result in a performance handicap of 30 percent or more :-(
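To check whether a Linux host actually has the page table isolation described above switched on, the following added example (not from the original article) classifies the PTI state. It assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities/meltdown`, and otherwise falls back to the `pti` flag and `cpu_meltdown` bug entry in `/proc/cpuinfo` and the `nopti` / `pti=off` boot parameters; the sample inputs are constructed.

```shell
#!/bin/sh
# Added example: classify kernel page table isolation (PTI) state.
#   $1 = contents of /sys/devices/system/cpu/vulnerabilities/meltdown ("" if absent)
#   $2 = contents of /proc/cpuinfo
#   $3 = contents of /proc/cmdline
# On a live host:
#   pti_status "$(cat /sys/devices/system/cpu/vulnerabilities/meltdown 2>/dev/null)" \
#              "$(cat /proc/cpuinfo)" "$(cat /proc/cmdline)"
pti_status() {
    sysfs=$1; cpuinfo=$2; cmdline=$3
    # Kernels with the sysfs interface report the state directly.
    case "$sysfs" in
        "Not affected"*)    echo "not-affected"; return 0 ;;
        "Mitigation: PTI"*) echo "pti-enabled";  return 0 ;;
        "Vulnerable"*)      echo "vulnerable";   return 0 ;;
    esac
    # Fallback: first "flags" and "bugs" lines of cpuinfo (same for every core).
    flags=$(printf '%s\n' "$cpuinfo" |
            sed -n 's/^flags[[:space:]]*:[[:space:]]*//p' | head -n 1)
    bugs=$(printf '%s\n' "$cpuinfo" |
           sed -n 's/^bugs[[:space:]]*:[[:space:]]*//p' | head -n 1)
    # The kernel advertises active isolation as the synthetic "pti" flag.
    case " $flags " in *" pti "*) echo "pti-enabled"; return 0 ;; esac
    # Isolation explicitly disabled at boot.
    case " $cmdline " in
        *" nopti "*|*" pti=off "*) echo "vulnerable"; return 0 ;;
    esac
    # CPU is flagged as affected and no isolation flag is present.
    case " $bugs " in *" cpu_meltdown "*) echo "vulnerable"; return 0 ;; esac
    echo "unknown"
}

# Constructed sample inputs (not captured from a real machine).
SAMPLE_PATCHED='processor : 0
flags : fpu vme sse2 pti
bugs : cpu_meltdown'
SAMPLE_UNPATCHED='processor : 0
flags : fpu vme sse2
bugs : cpu_meltdown'

echo "patched sample:   $(pti_status "" "$SAMPLE_PATCHED" "ro quiet")"
echo "unpatched sample: $(pti_status "" "$SAMPLE_UNPATCHED" "ro quiet")"
echo "nopti at boot:    $(pti_status "" "processor : 0" "ro quiet nopti")"
```

An `unknown` result means none of the indicators were present, which is what a kernel that predates the OS-level patch would produce.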