In a nutshell, it is a major security flaw in Intel hardware dating back a decade that is requiring a complete kernel rewrite for every major OS (Linux, Windows, Mac, etc) in order to patch out. It cannot be patched out with a CPU microcode update. Major enough that code comments are redacted in the patches until an embargo period is expired. Also the reported fix will have a huge performance impact.
Also crucial to note is that AMD chips are not affected by this.
How the heck does something like this go unnoticed for so long?