There has been a recent flurry of PR for a firm that is somewhat related to Citrix called Virtual Computing. I do not all the particulars but there is a financial relationship between the two. Citrix is well known for slim-client/remote client hosting solutions.
What caught my eye was the concept that a "hypervisor" would run on the hardware of choice sans a hosting OS. In turn it would host as many sessions as the client wanted (within the physical & electronic limitations) with multiple VMs running the applications desired in each one, That would allow the simultaneous use of Windows and the Linux of the month in separate windows without any possible "leakage" from one to the other.
Hallelujah, somebody has seen the light! That is the way to do virtual machines. Give each major application or group of applications its own solitary-confinement cell with nothing the OS can use to get to the other cells. A virus or Trojan should not be able to hop the gap from one cell to the other because they won't know they're there.
Truthfully I do not know exactly how that can be done in total but it is the absolute best possible sort of solution with the recently released and soon to be digital d