This is an incorrect analogy.
The security export is saying that the vulnerable machine should be replaced with different hardware because you can't be sure that the vulnerability hasn't already been compromised and that the hardware in question already contains a trojan or backdoor. Patching it at that point is "closing the barn door after the horse has bolted" - you're too late. You're assuming that you've managed to apply the patch before it had been compromised. If you or your company/entity takes security seriously, you can't make that assumption.
Instead, you should replace the vulnerable machine. You can replace it with identical hardware that has been carefully patched while offline. Changing vendors is not necessarily part of this solution - that's only considered if the vulnerabilities are so numerous that you find yourself patching things (or ideally, replacing your vulnerable hardware) "regularly".