The general idea is to use a machine which has minimal opportunity to be compromised through other activities. There have been known to be exploits that allow a compromised VM guest to compromise the host, and obviously if you compromise the host you can compromise all the other guests.
Using a separate VM is worse than using a separate physical machine and better than doing nothing. Whether it's "good enough" depends on who you are. Who are the plausible attackers? What do you stand to lose if it goes wrong?
The VM is easily vulnerable to the host OS, so running in a VM only protects the activities you do in the VM in the sense that the software pwning the host might not be looking for it. So not really.
Unless you are not using the host OS for anything _other_ than virtualization. If the host OS is used to host VMs[1], which are then used for specific tasks (casual browsing, banking, development, etc.), any exploit will be limited to the VM. This would be a pretty solid setup. It is only vulnerable to attackers that have direct access to the hardware, or have the ability to exploit the hypervisor.
[1] In other words, if the host OS is used as a hypervisor, or if the host OS _is_ a hypervisor.