This^^. Also, it's a very good idea to check the manufacturer's
support site regularly for BIOS, driver and system utility
updates.

I have Lenovo System Update runs as a scheduled job on my
Thinkpad E560. It alerted on Wednesday, Jan. 10, that Lenovo had
released a BIOS / Embedded controller update specifically related
to Meltdown / Spectre problem.

The diff on the latest Intel Microcode release looks like this.

Each Intel release gives microcode all the way back to a Pentium.
However, like an NVidia or ATI video driver, "old" hardware doesn't
receive new updates. When this list is prepared, it's a "diff" against
the previous release. That means, since 20171117, the following
processors received new microcode. The other processors would get the
same old, smelly microcode they always got :-)

Intel Processor Microcode Package for Linux 20180108 Release
-- Updates upon 20171117 release --
IVT C0 (06-3e-04:ed) 428->42a <=== my CPU barely made the list (Launch Date Q3'13)
SKL-U/Y D0 (06-4e-03:c0) ba->c2
BDW-U/Y E/F (06-3d-04:c0) 25->28
HSW-ULT Cx/Dx (06-45-01:72) 20->21
Crystalwell Cx (06-46-01:32) 17->18
BDW-H E/G (06-47-01:22) 17->1b
HSX-EX E0 (06-3f-04:80) 0f->10
SKL-H/S R0 (06-5e-03:36) ba->c2
HSW Cx/Dx (06-3c-03:32) 22->23
HSX C0 (06-3f-02:6f) 3a->3b
BDX-DE V0/V1 (06-56-02:10) 0f->14
BDX-DE V2 (06-56-03:10) 700000d->7000011
KBL-U/Y H0 (06-8e-09:c0) 62->80
KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
KBL-H/S B0 (06-9e-09:2a) 5e->80
CFL U0 (06-9e-0a:22) 70->80
CFL B0 (06-9e-0b:02) 72->80
SKX H0 (06-55-04:b7) 2000035->200003c
GLK B0 (06-7a-01:01) 1e->22

My CPU definitely doesn't have all three Branch Target Buffer
features. Maybe mine only has one of them.

Only one of my computers in the house, is affected. That patch
wouldn't touch any of my P4 machines.

In Windows 10, if I run the Intel Processor Identification
Utility, it reads out right now "428". That means Microsoft
has not put 42A in the OS microcode loader (as they stated
publicly would be their policy).

Now, in theory, if I were to install Ubuntu 17.10,
click the Software Updates button, suck in a new kernel,
reboot, then

dmesg | grep -i microcode

should state "42A", as Ubuntu has shipped the Jan8 update
to microcode, in the OS.

And I found at least one hint, that for VirtualBox, a
Linux Host behaves differently than a Linux Guest. The
Linux Guest can detect paravirtualization, knows it is "inside"
VirtualBox, and under those conditions, when it's patched
up, it will *not* force microcode into the CPU. Consequently,
a Windows 10 user with VirtualBox, with Ubuntu 17.10 as
a Guest, will find their Intel PIU reporting "428". Apparently,
about ten years ago, at the start of paravirtualization detection
code development, someone figured out it would be dumb for a
Guest to do that to the machine :-) Good call.

The Intel PIU will also give the "063e 04" part, so
you can check the above list, and see if you need
to do any delta analysis (like if you're dual booting
Win10/Ubuntu 17.10 say, and want to see if Linux is
patching the microcode).

The microcode can also be patched via a BIOS flash update,
when your motherboard maker is ready. And when the "noise
on the street", indicates it is safe to do that. The microcode
for Broadwell (BDW) and Haswell (HSW) was withdrawn, due to some kind
of reboot problem (on Lenovo). With no details on what the
issue is, it's pretty hard to give advice on that one.

Paul