React, Flux, GraphQL, Hack, HHVM...? All of this and more!
The issue affects Intel CPUs broadly, but also AMD and various ARM processors are suspect to a similar attack. Browser vendors have already started mitigating the issue with Microsoft, for example announcing improvements to Internet Explorer and Microsoft Edge browsers against Speculative Execution. Mozilla has also taken action against the new class of timing attacks and Chromium based browers a fix is scheduled for version 64. The WebKit team also did a writeup on the implications of Spectre and Meltdown in their blog.
Due to the dynamic nature of the browser (and the OS market in general) it will be virtually impossible to patch all browsers. This means that web services are threathened from an unusual attack vector developers really can't protect from, but thankfully most browsers are now evergreen (auto-updating) which means fixes will be applied to contemporary devices in active use. Users can check if their browser is vulnerable with a Spectre browser vulnerability check.
For Chromium based browsers such as Opera and Google Chrome users can improve security with a feature known as Site Isolation, and in general the lucky aspect is that the flaw is so low level that it is not trivial to exploit it to gain access to passwords or other sensitive data on a large scale. Popular web applications like WordPress are a much more uniform target than a complete Operating System.
To follow up on patch statuses for Windows, Android, macOS, iOS, Linux Distributions like Debian, Ubuntu and RedHat Operating systems as well as other significant tools you can check out a Github repositor showing a summary of Meltdown / Spectre Patches centrally: meltdownspectre-patches
Update: It seems that new critical issues exploiting Speculative Execution, called Skyfall and Solace vulnerabilities have been annouced. Stay tuned.Tweet