An educated guess would be yes, but in a limited capacity. You'd see something like this really only being useful in a spying scenario, where you'd have the time to sit back and try to make sense of the data that you caused to slowly leak. These aren't the kind of exploits you can use like a back door or malware vector. They simply cause data that shouldn't be exposed during execution to be collectable outside of the execution pipeline and bypassing OS and hardware security layers.
Probably. The reason people make such a big deal of this is not about consumer desktop security -- which they are relevant for but not really much of an exploit, especially Spectre, due to how slowly data is read and the fact that they do require code already permitted to run on your system to begin with.
The real problem is in the context of cloud computing. Since almost all server computing is virtualized these days, that means that stuff running in a server you buy from Amazon AWS could be right on the same hardware as a major corporation's database server. Some of these exploits allowed you to violate the barrier that prevents you from reading memory outside of your VM. This is huge because it's a very strong barrier and it's very difficult and unusual for anything to be able to breach that barrier. Since the VMs are running 24/7 and you have permission to run whatever code you want, nothing stops you from gradually stealing all their data on an unpatched machine. Which is why Amazon freaked out and started restarting people's servers for Meltdown and Spectre patches immediately after the exploit info leaked out. They had likely been preparing for that for some time.