There are a number of excellent explanations a Google search away, but here's my very loosey-goosey summary: this is a side-channel attack, and so it doesn't require privileged access to implement. VMs, restricted memory access, etc., do nothing to protect against it because no privileged operations are required to perform it.
In short, it's about tricking the processor. To maximize speed, the processor executes instructions that it thinks might need to be executed in the immediate future during times when it would otherwise be idle. If it predicts wrong, it ignores the results and no harm done.
The thing is that executing those instructions leaves behind traces, and important information can be gleaned from those traces.
An important larger lesson can be gleaned here: if you think that VMs provide an impenetrable wall between the VM and the host, you're mistaken. That has never been true, and wouldn't be true even if this processor flaw didn't exist.
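The behaviour summarized above, as a toy simulation added here (not part of the original post, and a model rather than real hardware): a mispredicted path has its visible result discarded, yet the cache line it touched stays warm for an unprivileged observer to notice. All names, the latency constants and the `restore_cache_on_squash` switch (a hypothetical core that also undoes cache changes) are assumptions made for illustration.

```python
"""Toy model (constructed, no real hardware involved) of speculation leaving a cache trace."""

CACHE_HIT, CACHE_MISS = 1, 100    # simulated access costs, arbitrary units


class ToyCore:
    def __init__(self, restore_cache_on_squash=False):
        self.cache = set()        # microarchitectural state: which lines are cached
        self.reg = 0              # architectural state: one program-visible register
        self.restore_cache_on_squash = restore_cache_on_squash  # hypothetical switch

    def load(self, line):
        """Touch a cache line and return the simulated latency."""
        cost = CACHE_HIT if line in self.cache else CACHE_MISS
        self.cache.add(line)
        return cost

    def run_branch(self, predicted_taken, actually_taken, value):
        """Execute down the predicted path, then squash it if the guess was wrong."""
        saved_reg, saved_cache = self.reg, set(self.cache)
        if predicted_taken:
            self.load(value)      # load whose address depends on `value`
            self.reg = value
        if predicted_taken != actually_taken:
            self.reg = saved_reg  # "ignores the results": visible state is rolled back
            if self.restore_cache_on_squash:
                self.cache = saved_cache
            if actually_taken:    # the correct path then runs for real
                self.load(value)
                self.reg = value


def observe(core, lines=range(16)):
    """Unprivileged observer: time every line and report the fast ones."""
    return [line for line in lines if core.load(line) == CACHE_HIT]


def demo(value=11, restore=False):
    """Mispredict a branch once; return (visible register, lines found warm)."""
    core = ToyCore(restore_cache_on_squash=restore)
    core.run_branch(predicted_taken=True, actually_taken=False, value=value)
    return core.reg, observe(core)


if __name__ == "__main__":
    print("ordinary core:      ", demo())              # register clean, trace remains
    print("cache-restoring core:", demo(restore=True))  # register clean, no trace
```

The register is 0 in both runs, so the program itself sees nothing wrong; only the ordinary core leaves line 11 detectably fast.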