Enable all available mitigations for the MDS vulnerability and disable SMT on vulnerable CPUs (refs: #16720)