Cybersecurity agency: The only sure defense against huge chip flaw is a new chip

The tech world continues to come to grips with Wednesday's revelation of very serious vulnerabilities associated with central processing units (CPUs) that affect, well, just about everyone with a computer.

Two flaws have been identified by researchers: Meltdown, which is believed to affect most Intel CPUs produced over the last 20-plus years, and Spectre, which affects processors produced by multiple companies, including Intel, AMD, and ARM.

Now, the Computer Emergency Response Team (CERT), the government-sponsored cybersecurity organization based out of Carnegie Mellon University, has issued its report on how to fix computers affected by the widespread bugs... and it's not cheap.

The underlying vulnerability is primarily caused by CPU implementation optimization choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware.

TL;DR, if you're really worried about it, it's probably safest to just buy a new machine that doesn't have one of the vulnerable processors tucked away inside.

As our Jack Morse pointed out yesterday, the Meltdown vulnerability could put you at risk:

...if you're running Windows, Linux, or macOS, something as simple as the JavaScript in your browser could theoretically gain access to the area of your computer that protects passwords. 

Not only is CERT's suggestion an expensive proposition, it suggests that if you really, really want to make sure you're secure, the patches companies are rolling out to users won't fully fix everything. They're not worthless, but they're also not comprehensive and are even likely to slow down computers with older processors.

For the most part, most private users should be okay with the patches and adjusting browser settings. There are vulnerabilities, but it's businesses and government organizations that are already most susceptible to hacking attempts that will want to make sure everything's on lockdown.