Well, Guix sidesteps that problem by (rightly) pointing out that Intel microcode updates are non-free software, and thus aren't included in the system. If one wants those updates, they have to do it themselves, usually by using a software channel that provides ways to use non-free software on their system, which means that the user makes a conscious choice to use non-free stuff instead of it being handed from up high.

It might not be a satisfying answer, but oh well. One can complain at Intel about it.