Though somewhat technical, this paper
addresses growing concerns over browser insecurity. It describes the current climate well: as web sites (have) evolved into dynamic web applications composing content from various sources, browsers have become multi-principal operating environments with resources shared among mutually distrusting web site principals.
The paper introduces readers to a Microsoft Research/Univ of IL (Urbana)/Univ of WA effort named "Gazelle" that works at the micro-kernel level to prevent unwanted intrusions. This effort merits attention and monitoring.