Is disabling smt really necessary for maximum security in desktop use? Gen7 Intel cpu.
SMT can introduce security vulnerabilities, such as side-channel attacks like Spectre and Meltdown. If you are really concerned of that, you could consider disabling SMT. It all depends on your thread model and security requirements. Not what you wanted to hear, right?
One thing to do is maybe to disable SMT and see if you notice any performance decrease at all. If not, then just leave it disabled.