**Green VM** runs good or trusted applications, and has access to potentially important or personal data. **Red VM** runs suspicious applications so that when the application turns out to be malicious, it does not end up compromising the operating system.![[attachments/Screenshot 2023-05-26 at 5.04.02 PM.png]] Is green VM affected by exploitation of a red VM application? No Is green VM application affected by red VM guest OS compromise? No Is green VM affected by the compromise of the VMM? Yes (If the VMM is compromised, all bets are off since it is the supposed [[TCB - Trusted Computing Base|TCB]] here) Does a green VM application only need to trust the VMM or also the green VM guest OS? Yes What benefit do green/red VMs offer? Isolation from potentially vulnerable applications