Actually, I don't quite agree with that. The main problem here is edge and a windows kernel bug. Both of these are unpatched as of now. The second problem is that the VMWare vulnerability is only possible on a Windows host system, and that VMWare can't just patch that problem because it needs Microsoft to solve it.
And that's the main problem. Bugs and vulnerabilities happen in any and all software, regardless. In a modern world, it's all about response time, about patching before it becomes a real problem.
This is a very serious vulnerability that poses a real threat in many enterprise environments, because there is a transitional solution that many growing SME's use that does just this kind of thing, they are upgrading their infrastructure in phases, and are starting with running virtual environments on VMWare Workstation on Windows hosts while upgrading to ESXi environments.
Now patchday was a good week ago, no patch will be issued against this for at least another three weeks, IF Microsoft makes the deadline of April patch Tuesday, which is not very likely, and if they don't, chances are that they'll just skip the month, like they just did with February Patch Tuesday, even though that had to fix some very serious documented and published vulnerabilities. Then when March Patch Tuesday came, many machines choked on the patch and required reinstall and manual updating, exposing the systems even further and for a longer period.
This is exactly the kind of problems people run Windows in virtual environments for. They want to limit the damage, not if, but when something bad happens. It's pretty clear that virtualisation on Windows is not a solution for any problem. Oh and there will be vulnerabilities on open source platforms, some undiscovered for a long time, but one thing is for sure, when a vulnerability is discovered, it's always patched within hours of discovery, and always before publication, even if there is no money in it for security specialists, just because those specialists need their tools, and the tools they use are open source. That is the quality difference.