A virtualized computing environment is protected from a malicious hypervisor by restricting the hypervisor's access to one or more portions of an event (interrupt or exception) handling pathway of a guest virtual machine, wherein the guest virtual machine includes both a secure layer to manage security for the guest and one or more non-secure layers to handle event processing. The hypervisor is restricted from providing normal exception information to the guest virtual machine (referred to simply as a “guest” herein), and instead is only permitted to provide an event signal to the secure layer of the guest. In response to the event signal, the secure layer of the guest accesses a specified region of memory for the event information, reviews the information, and provides the information to another, non-secure, layer of the guest for processing only if the event information complies with specified security protocols.