One week ago, details about widespread vulnerabilities in modern processors became public. One variant, named 'Meltdown,' affected every modern Intel chip. Two other variants, collectively known as 'Spectre,' are known to affect chips from Intel, AMD, and ARM (at the very least). Most Google products are already protected against these threats, but now the company has made it easier to tell which Chromebooks are patched.
Holy Chromebooks, Batman!
Google has published a table on the Chromium Wiki, listing every Chromebook and the Meltdown patch progress for each. The vast majority of models are already safe, or weren't affected by Meltdown in the first place. As you might expect, Chromebooks that have already stopped receiving updates (like the CR-48 and Samsung Series 5) are not being patched.
The process of protecting against Spectre is far more complicated, but Chrome's optional Site Isolation feature will plug the hole in most use cases. This can be turned on by switching the #enable-site-per-process flag (copy and paste that link into Chrome's address bar) to 'Enabled.'
You can see the full list of Chromebooks at the source link below. If your model has "Yes" or "Not Needed" in the "mitigations (KPTI) on M63" column, you're safe.
- Chromium Wiki