If they have to hide something, it will not be in the microcode. They always expected it to be broken one day. If it is on the die it will take a massive effort to be found and understood, if ever. And it is actually much easier to hide from the employees as if it was in the microcode, many of them could have extracted the keys and sold them to a foreign power.