It seems that it is all dependant on a localy run malicious code. Which means you have to download it/ or get infected somehow and run it.Say that again? SGX isn't about virtualization, you might wanna reread CVE-2018-3615, CVE-2018-3620, CVE-2018-3646.
Again, this comes down to virtualization. Data centers are the targets which could be affected.
Malicious code may on purpose be placed in one of the guest machines and access memory of the cpu serving tens of other machines.
You REALLY need to know what to look for in this 32KB cache which is changing very fast.
Usual consumer will most likely not get affected, and i mean if a user downloaded a virus, and that virus get past the anti-virus, then nothing on earth will help protect against data theft. A simple keylogger will do a better job than SGX vulnerability.