
The VPN could connect to a Qubes-isolated VM.


I've worked for classified organisations and they don't do this, because it's unsafe.

For instance, that VM would have to be an http server to actually see the data, it would have to run on a managed (through ssh?) host, ...

I mean, why not give it an output-only serial line instead (isolating control signals. NO error recovery, windowing, ... allowed)? At that point it doesn't really matter what's on the other side. The point here is that in this way you can guarantee information only flows in one direction. Plus it's dead simple (it will malfunction and at that time there will be many, many voices saying it's too simple, but it's not).

The system on the other end of the serial line can be as convenient and insecure as you want, because it's not trusted to be secure. Needless to say, in practice there are still considerations of redundancy, so there are multiple output systems sending data over different fiber paths to different destinations. But all of them have the RX pin connected to ground.

There is lots of security hardware that does this.

This is how it works. Network of trust. A trusts B to ... Software trusts hardware to ... Operator trusts hardware to ... Operator trusts software to ... you make an overview of this and then you scratch anything you can. Depending on the level of security required you accept varying levels of inconvenience.


Thanks for the reminder on one-way channels. Each situation is different, e.g. software-based systems can build upon hardware separation (including one-way data diodes), while retaining the option for software defenses to evolve in response to ever-changing threats.

(PDF) Air Gaps: http://www.invisiblethingslab.com/resources/2014/Software_co...

DIY Fiber diode: http://www.synergistscada.com/building-your-own-data-diode-w...
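
The one-way link discussed in this thread, as an added example that is not part of any comment or of the linked projects: a sender that frames data for a transmit-only line and a receiver that can only detect loss, never request a resend. The frame layout, the `SYNC` marker, the repeat count and the sample telemetry are all constructed assumptions; blind repetition stands in for the redundancy the thread mentions.

```python
import struct, zlib

SYNC = b"\xa5\x5a"            # constructed frame marker (assumption)
HDR = struct.Struct(">IH")    # sequence number, payload length

def encode(seq, payload, repeat=2):
    """Sender: SYNC | seq | len | payload | CRC32, emitted `repeat` times.
    With no return path, blind repetition is the only loss mitigation."""
    body = HDR.pack(seq, len(payload)) + payload
    return (SYNC + body + struct.pack(">I", zlib.crc32(body))) * repeat

def decode(stream):
    """Receiver: returns (messages, missing_seqs). It never transmits."""
    got, pos = {}, 0
    while True:
        pos = stream.find(SYNC, pos)
        if pos < 0 or pos + 2 + HDR.size > len(stream):
            break
        seq, length = HDR.unpack_from(stream, pos + 2)
        end = pos + 2 + HDR.size + length + 4
        if end <= len(stream):
            body = stream[pos + 2:end - 4]
            (crc,) = struct.unpack_from(">I", stream, end - 4)
            if zlib.crc32(body) == crc:
                got.setdefault(seq, body[HDR.size:])  # drop duplicate copies
                pos = end
                continue
        pos += 1  # bad CRC or truncated frame: resync on the next marker
    if not got:
        return [], []
    missing = [s for s in range(min(got), max(got) + 1) if s not in got]
    return [got[s] for s in sorted(got)], missing

def demo():
    """Constructed traffic: frame 1 is hit by noise once, frame 2 is lost."""
    msgs = [b"temp=21.5", b"valve=open", b"alarm=0", b"temp=21.7"]
    wire = bytearray()
    for seq, m in enumerate(msgs):
        if seq == 2:
            continue                    # both copies lost in transit
        chunk = bytearray(encode(seq, m))
        if seq == 1:
            chunk[10] ^= 0xFF           # corrupt the first copy only
        wire += chunk
    return decode(bytes(wire))

if __name__ == "__main__":
    print(demo())
```

The receiver can report the gap at sequence 2 to its own operators, but nothing it learns can reach the sender.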



