Any service that runs in a virtual machine provides the potential for attack. By deactivating system components that are not necessary to support the application or service that is running on the system, you reduce the attack potential.
Virtual machines do not usually require as many services or functions as physical servers. When you virtualize a system, evaluate whether a particular service or function is necessary.
Note: When possible, install guest operating systems using "minimal" or "core" installation modes to reduce the size, complexity, and attack surface of the guest operating system.