Last thing I heard they were working on that. I don't know if they've got there yet. Obviously the new branch took priority.

PS: Just checked on kernel.org. There's a 4.9.75 out today. That must be the backport. I'm downloading it now.

Thank you, hazel, first for your clarifying reply and most of all for this thread since after my initial response I searched around and found out about Spectre and Meltdown. It is my understanding that while Spectre may do less damage it is harder to fix. I still wonder if the MCE and associated garbage has anything to do with why Intel is affected the worst. I also read that those of you who have OEM machines can get firmware updates but those of us who build our own are in something of a "holding pattern". Too bad Intel doesn't just release the fixes as downloadable microcode. I suppose we will see.

BTW it really isn't particularly dangerous to update a bios these days. There are lots of safeguards built in. The main thing it takes is just patience and reasonable preparation. I prefer having the update on a USB stick even though many machines can download it directly but updating has become rather trivial really.

Edit: I just discovered that a bug officially reported in May of 2016 noted that the ME (Management Engine, to which I referred earlier) can be remotely exploited to elevate privilege so it may indeed have an impact of risk level for Intel CPUs.

Yes, 4.9.75 boots normally. And dmesg|grep isolation shows the line
as expected.

I suppose the backports will eventually encompass the other branches. LFS 8.1 normally uses 4.12, so I've gone backwards! However Crux uses 4.9. Now that I've got a working patched kernel, I'll copy it and its modules over to Crux too. For Debian, I'll have to rely on the distro devs providing a new kernel. You don't usually have to wait long with Debian, not if its a security matter.

Apple have just admitted that iPhones and iPads are affected too, by both bugs.

As I read it the patches are necessary because there is a potential exploit, but the seriousness of that exploit and the ease, or not, of its use have not been determined.
I did read on The Register that Intel chips may run between 10 and 20 percent slower once the patch has been applied but it seems this may not be true for desktop machines.
What a colleague and I were discussing earlier was whether things like Amazon Cloud will lose 10 percent processing power -- that's surely a good number of servers and accounts?

Current experiments suggest that the slowing down is mainly in applications that use a lot of kernel calls, such as database software. PostgreSQL is especially badly affected. Code that executes mainly in userspace is not badly slowed down. That LFS mailing list post that I referenced earlier in this thread includes the results of some timing trials.

My colleague and I did also speculate that this may account, in some way, for Intel being "faster" than AMD getting more done per clock cycle and the like becuase they didn't consider the risk in some optimisations.
OK, so I am a bit of a fan of the (AMD) underdog but I hope my point about hosted services being devalued still holds.

You're certainly not the only ones thinking that...

However AMD (and ARM) are affected by the 2 of the 3 CVEs. So AMD isn't a complete solution to this.

I wonder if questions will also be asked about Intel's CEO selling something like half his stock (retaining only the minimum requirement) in late December.

As it happens I have only just read that it's definitely not just Intel in the last couple of hours but I do still wonder whether AMD missing this "speculative execution" could be part of their lead, since they're still the ones definitely affected.
I'd not read about the Intel CEO but I suspect that it will be found that "...he .. had no idea ..." and it is just coincidence.

It's important to realise that there are three separate CVEs (The Google Project Zero papers linked to in the other threads give more details). Two of the three affect most CPUs from various vendors. One, the more serious, but easier to mitigate, seems to only affect Intel thus far.