That's why it does make sense to never rely on a browser's own sandbox. http://arstechnica.com/security/201...y-potent-enough-to-infect-actual-chrome-user/
Your only real defence is your wits. Hackers can't touch those. I wonder how the new slimmer 'IE' will do against this stuff? My gut feeling is that it's no contest.
Who said anything about third party sandboxes? I'm just saying, don't think you're safe, just because your browser is using a sandboxing mechanism like Chrome and IE.
Why the distinction on "never relying the browsers own sandbox" then? Safety is a relative term that depends on one's level of caution and profile. I would say the vast majority of users are safe, as long as they don't execute anything themselves and keep patching. As for Internet Explorer exploits, that isn't anything new. I'll be damned if it is autonomously ITW and up-to-date.
I referred to the article about Chrome. But I didn't read this article correctly, it seems like these exploits couldn't break out of IE's sandbox. At least not without using another vulnerability in Windows itself. Yes correct, but then there's still the risk of zero days. That's why using anti-exe or anti-exploit makes sense.
