Watch out for the latest vulnerability making the rounds.
Sounds like patches next week.
Those floppies can kill :-)
Seems like a power off of the vm is needed to get the patch (not reboot).
Should be a fun week next week.
It looks like Richard WM Jones called it back in 2011!:
If this link breaks in future, I can summarize:
Use sVirt to only allow devices you need to limit the vulnerabilities (known and unknown) in the Qemu layer.