[micaksica]

Working within an assumed breach scenario, the VM is defense in depth. Firefox has holes, and it will continue to be relatively easily exploitable as long as TBB allows for plugins and JavaScript by default. There is reticence from TBB team to disable JS by default even in the face of a few of these 0days, so you have to protect TBB users a level down from the browser and assume it'll be popped.

There are Windows "sandboxes" like Bromium, and as stated, IIRC EMET will stop the stack pivot here.

[splesjaz]

Last time I checked they were working on a TBB sandbox [1] Let's hope it will be there soon, subgraph has oz[2] and can be used with any program really then there is firejail[3] but these 2 are only on Linux available.

1: https://blog.torproject.org/blog/q-and-yawning-angel 2: https://github.com/subgraph/oz 3: https://github.com/netblue30/firejail