The announcement of these vulnerabilities created quite the ruckus, but I've seen many organizations to nothing to directly mitigate them --- given the risk of performance impacts --- & instead rely on their existing security controls.

On my personal laptop, I applied the Windows updates & updated the BIOS, ensuring that the system was secure via the SpeculationControl module for MS PowerShell. (My AV had no objection to all this)

It came at the price of performance --- while I could initially run a VM and also have a movie playing on the host, there's now a noticeable lag.

I also secured Google Chrome using Site Isolation, & though this may have slowed things down, it was shadowed by the impact of the Windows and BIOS updates)

The effects of these controls on operations in corporate environments could be devastating, so they'd prefer to 'leave well enough alone.'