The out of bounds variant is fixable in the OS, just add a fence instruction between the check and the load.
For code running in user mode, you flush the branch predictor on each context switch---again, new microcode + patched OS.
Hyperthreads are tricky. Those are not yet fixed by microcode AIUI, and in the future you may want a usermode program to say "I don't want indirect branch prediction because I am afraid of what the other hyperthread might do to me". That would require some new system call (like a new prctl on Linux) or something like that.
For code running in user mode, you flush the branch predictor on each context switch---again, new microcode + patched OS.
Hyperthreads are tricky. Those are not yet fixed by microcode AIUI, and in the future you may want a usermode program to say "I don't want indirect branch prediction because I am afraid of what the other hyperthread might do to me". That would require some new system call (like a new prctl on Linux) or something like that.