That said, exploiting these flaws requires an attacker to obtain malicious access to a machine and possess the ability to run arbitrary code. It's not exploitable through malicious websites.

and it probably has to attack through the virtual machine environment

In a worst-case scenario, successful attacks carried out using TSA-L1 or TSA-SQ flaws could lead to information leakage from the operating system kernel to a user application, from a hypervisor to a guest virtual machine, or between two user applications.

so it is a far fetched exploit needing specific conditions that are generally not available for 99% of the machines outside the lab where this is happening.

its FUD

I can't fully remember from the previous Spectre and Meltdown but a BIOS update from manufacturers should be enough to patch once released right?