For the less tech-savvy, how is the patch installed? At what level does it operate?
@Suppressed Sorry for the slow response. I seldom notice replies on this forum, because the forum software doesn't notify of them unless someone includes the @ username tag in the reply (my one most-wanted feature for this forum is to fix this).
Most microprocessors have a table that contains "microcode". Assembly language instructions are decoded into bits that control which internal portions of the microprocessor are activated, where the data is routed (to an internal register, to external memory, etc.). The table of mappings from assembly language instructions to these bits is called microcode. I am told for Intel microprocessors its fairly sophisticated in that it can actually, although sometimes with a performance impact, make more substantive changes to how an instruction is implemented. The microcode is stored in nonvolatile memory within the processor. There is a special processor register that if written to will tell the processor to go load the updated microcode from some address in memory. It will then read the update from this address in memory and update this internal microcode table. Once updated, there is no need to keep the update around or apply it again.
In some cases, the update is actually applied via a BIOS update. You update the BIOS with a version that contains the microcode patch. At boot time, the BIOS checks the processor to see if the microcode has been updated. If not, it goes through the process I described above. Other systems have an OS module that will do the update without involving the BIOS. For Linux it is just a package you install like any other package, except that because it is not open source, you will typically need to explicitly install it (i.e. the microcode update driver won't get installed by default during the OS installation). Microsoft will likely just push the update out during their normal update/patch process. AFAIK, they have not done this yet - at least the non-insider releases. I was told at lunch that the Windows Servers that host Microsoft Azure had already been updated, though, and in fact this happened some time ago. The patch from Intel has been out publicly since May.
If you're running Linux, you can track down the update and install it. If you're running Windows, I would just wait for it. My guess is it'll be in the next monthly windows update cycle (just a guess - I have no insider knowledge). If you're running Macs, I am not sure. Apple tends to batch updates and release less frequently, so it might be awhile.
But as I said before, it's nothing to lose sleep over. I'm not planning on doing anything special for my various desktops here.