Here is a brief FAQ regarding browsers and the Spectre/Meltdown vulnerability in AMD, Intel and ARM CPUs.
A: Yes, browsing a web can give access to third parties to your machines memory beyond the browser.
Q: Is the threat real or mostly theoretical?
A: The threat is real, but because if the nature of the vulnerability it is not trivial to come up with a universal exploit to get valuable information. Vulnerabilities in web applications like WordPress are much more uniform and easy to exploit due to their restricted scope.
Q: Can and are browser vendors creating fixes?
A: Yes, browser vendors can minimise the likelyhood of the vulnerability being exploited. Microsoft, Google and Mozilla have already undertaken measures and browsers will be updated.
A: Yes, the underlying Operating System update to Windows, macOS or Linux will make the issue obsolete even if you are using a browser that has no fix.
Q: Is Node.js running on the server vulnerable to this issue?
Q: Is there an update available Operating System or Browser already updated to patch the Meltdown and Spectre vulnerabilities?
A: An easy way to track updates centrally is a GitHub page that tracks the status of updates for Browsers like Chrome, Firefox, and popular operating systems like Android, Windows, macOS, and iOS for iPhones and iPads. You can find the page here: meltdownspectre-patches
Q: Will using incognito or private mode protect me from Spectre vulnerability?
A: No, attackers can bypass any security feature - inclusing private modes in Chrome, Firefox and Safari browsers
Q: If I use a shared computer in a library or a shared smartphone, how do I know if the device is vulnerable
Q: Does this information relate to Skyfall and Solace vulnerabilities?
A: The Skyfall and Solace vulnerabilities are closely related, but will need separate fixes from browser, operating system and CPU vendors.