It looks like they're saying, for the bounds check stuff, it is normally enough to add a conditional move or register-selection instruction in the right place, that even their out-of-order chips won't speculate past it. And they defined a new barrier instruction, CSDB, that very narrowly promises just that a speculatively read value can't influence what data is cached later. It's unclear to me if that's supposed to be coming only in future designs, in microcode updates for existing designs, or what.
(They don't seem to explicitly promise data couldn't be leaked from the speculative execution other ways--in branch predictor state or something--though you have to imagine the idea is to avoid any leak.)
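The bounds-check pattern discussed in the comment above, as an added example (not the commenter's code and not taken from ARM's documentation): the index is forced to 0 by a branch-free mask whenever it is out of range, so a mispredicted bounds check cannot feed an attacker-chosen index to the load. The function names and the sample table are hypothetical, and the CSDB hint is only emitted when building for AArch64.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* All-ones when idx < size, zero otherwise, computed without a branch.
 * Valid for size <= SIZE_MAX / 2. A compiler is free to turn this back
 * into a branch, so production code pins the sequence with inline asm. */
static size_t index_mask_nospec(size_t idx, size_t size)
{
    size_t top = sizeof(size_t) * CHAR_BIT - 1;
    /* Top bit of (idx | (size - 1 - idx)) is clear only when idx < size. */
    return (size_t)0 - (~(idx | (size - 1 - idx)) >> top);
}

/* Barrier placed after the mask. CSDB is encoded as HINT #20 on AArch64;
 * on other targets this is only a compiler barrier (assumption: GCC/Clang). */
static void speculation_barrier(void)
{
#if defined(__aarch64__)
    __asm__ __volatile__("hint #20" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

/* Architectural check first, then the data-dependent clamp on the index. */
static int load_checked(const unsigned char *table, size_t size, size_t idx)
{
    if (idx >= size)
        return -1;
    idx &= index_mask_nospec(idx, size); /* becomes 0 if the check was bypassed */
    speculation_barrier();
    return table[idx];
}

/* Constructed sample data. */
static const unsigned char sample_table[8] = {10, 11, 12, 13, 14, 15, 16, 17};

int main(void)
{
    printf("in range:     %d\n", load_checked(sample_table, 8, 3));
    printf("out of range: %d\n", load_checked(sample_table, 8, 100));
    return 0;
}
```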