With the info released about the Meltdown and Spectre vulnerabilities, in case you are running VMware vSphere, you may already have applied the patches mentioned in VMSA-2018-0002, maybe even beat them on AWS (especially if you are on vSphere 6.0).
For example the patch for ESXi 6.0, ESXi600-201711101-SG, was silently released in November last year, on November 09, 2017, as can be seen from Update Manager below or their KB 2151132.
vSphere 6.5 got the patch ESXi650-201712101-SG somewhat later, per their KB 2151099, on December 19, 2017. ESXi 5.5 got the incomplete patch ESXi550-201709101-SG also early on September 14, 2017, per their KB 2150876.
As a small note, for example ESXi650-201712101-SG, being a security release only, is included in the ESXi600-201711401-BG release as well which is a general bulletin (a general bulletin contains both the new security and bug fixes on top of the last version of the VIBs, see KB 2041654 for explanation). So installing ESXi600-201711401-BG in tandem with ESXi650-201712101-SG will make the SG appear as "obsoleted by host.