Security Evaluation of a VM-Based Intrusion-Tolerant System with Pull-Type Patch Management.