To my understanding, part of the reason that was a problem was that Intel wanted to killswitch feature bits like SGX, but since Linux saves the feature bit state when it inits the CPUs, and then other things might change codepaths based on that, if you then killswitch it later, boom might go the dynamite.
(I believe this example would also still break on AMD-based systems, AMD just hasn't killswitched a CPUID feature flag yet AFAIR...)
https://wiki.archlinux.org/title/Microcode#Late_loading
https://docs.kernel.org/arch/x86/microcode.html#late-loading
although quotes from this article claim that it's fine specifically on AMD systems:
https://www.phoronix.com/news/AMD-Late-Loading-Microcode