Ran across this on the Avast forum (about how Avast blocks threats (http://forum.avast.com/index.php?topic=61837.0)):

"There was a thread going on in MSE forums where one of the experts clearly explained that as of now, only Firefox and Internet Explorer make use of a Windows API that allows them to pass each item in a web page to the AV installed in the system before rendering it. It does not depend what AV it is. This is the reason why MSE's system requirements page explicitly mentions IE and FF and not Chrome, Opera or Safari. And that is also part of the justification behind MSE not having a dedicated web-shield."

So it's basically saying that if you're are using IE or Firefox your AV can prevent the page from rendering but if you're using Chrome, Opera, Safari (anything besides IE or FF), the page can still be rendered.

Does this mean it's possible for malware to get through, possibly run, be installed, etc.? Does anyone know about this?

In my view, the browser is as safe as you make it to be. If you White List scripting per site, and don't use web page plugins, you essentially nullify the majority of web-based exploits.

Here, for example, for those who use Adobe Reader, are the hurdles that PDF exploits must leap in order to succeed:

http://www.urs2.net/rsj/computing/tests/pdf

Using Opera properly configured, I've never gotten a web page embedded exploit to run.

-{ Quote: "Does this mean it's possible for malware to get through, possibly run, be installed, etc.?" }-Of course, one should have some type of white listing/execution protection in place to prevent any malware from running, as the "4th Requirement" screen shot in my PDF article shows.
----
rich



REFERENCE

PDF exploits explode, continue climb in 2010
http://www.computerworld.com/s/article/9176117/PDF_exploits_explode_continue_climb_in_2010
-{ Quote: ""In the last three years, attackers have found PDF vulnerabilities more and more useful, for a couple of reasons," Dirro said. "First of all, it's increasingly difficult for them to find new vulnerabilities with the operating system and within browsers that they can exploit across the different versions of Windows. And second, Reader is one of the most widely deployed applications that allows files to be accessed or opened within the browser."" }-

Are you alluding to this anti-virus built-in Epic browser ? ;)

http://www.wilderssecurity.com/showthread.php?t=277228

Run Prevx with Safe Online and any browser is very safe. Totally safe? I doubt that ANY browser is totally safe. That's why I image my HD at least weekly.

-{ Quote: "In my view, the browser is as safe as you make it to be. If you White List scripting per site, and don't use web page plugins, you essentially nullify the majority of web-based exploits. [...]" }-

I second that. On top of that, one could use isolate the browser from the system. And on top of that won't hurt to use some anti-exploit protection such as AVG Linkscanner, which will protect the users regardless of the browser used.