[oldstrangers]

Having two 0-days for one of the most popular browsers tells me they probably have access to whatever they want.

[dmortin]

For high value targets, probably. For average spear phising I don't think they spend more resources to break out from docker.

Since default docker runs linux, running the browser in a linux docker can be enough, because they usually have windows exploits.