Security researchers warn that the Spectre CPU vulnerabilities also have an impact on Intel's Software Guard Extensions (SGX), a technology that lets software run in allocated private regions of memory. These enclaves are designed to protect their contents from interference by software running at higher privilege levels, such as the operating system or hypervisor. Applications of SGX include digital rights management (DRM), secure web browsing and secure remote computation.
Now The Register reports that Spectre vulnerabilities could be used to snoop on these enclaves:
These areas are called enclaves, and are typically used to run things like anti-piracy code without anyone spying on the decryption keys, or to run sensitive computational code on an untrusted remote machine. Attestation is used to ensure software on one box is talking to code running unaltered in an enclave on another box.
The speculative execution flaws revealed in January, however, jeopardize SGX's security boundaries, as demonstrated in the video below. As is to be expected, exploiting the chip-level vulnerabilities requires local access: a miscreant must be able to log in, or malware must be running in order to leverage the design blunder to attack an SGX enclave.