So, for those who use Windows Defender we still need to add that key? I've it disabled and so far, nothing on Windows Update, still on build 16299.125
Yes. Defender sets the key with latest Definition Updates. You can also set it manually, afterwards the Update will appear in WU.
You could apply the uCodes patches using this link Security flaw patch for Intel CPUs could result in a huge performance hit On linux Security flaw patch for Intel CPUs could result in a huge performance hit
Pre-haswell chips Ivy and previously released ones are observing 20% slowdowns. I have a Ivybridge Pentium 2020M CPU Haswell/Broadwell and later CPUs didn't a notice a hit. 2020M -> Slow performance on W10 yet to be tested on Linux Broadwell 5200U-> No lowdown on Windows 10, so the result will be same for linux. Skylake 6700HQ-> No slowdown but on 100% load the CPU is unresponsive most of the times. Short Answer: Those with Intel CPUs before Haswell are good as dead.