It is not required to replace your current CPU by tomorrow… yet… (unless tomorrow will be 6 months from now and you still have not patched your systems).
Depending on the “weight” of the patch, you can still manage with the current infra load (you did over-provision your resource load, I hope…).
Of course the replacement of the HW will be the solution in the long run (an alternative is not yet available).
In my opinion, this issue does not pose an immediate (read: today/tomorrow) risk, since this vulnerability is not easily exploitable. Also keep in mind that there are other factors that keep the exploit in check (policies, certified/trusted software, AV, etc.).
First, a malicious program will have to get over the usual barriers, and only then will it be able to deliver the payload to do the sweep on the memory pages… (except web content).
We will see PoCs and first attempts in the next days, but the patches will also arrive, so mostly it will be a game of “who is good at housekeeping” and maintenance.
The most impacted will probably be hosts like ESX, Xen, etc.
They will need to patch ASAP because you might not have control over what is run on your guest, if the guest is a public service.
And on the fun side, the mass media got off to an incendiary start reporting this, with lots of headlines (90% related only to Intel).