Hacker News
by tptacek 6301 days ago
They're different threat models.

Vista Protected Mode (IIRC, it only works on Vista, because of XP's session security flaw) is like privsep SSH. Its primary job is to keep malware from persisting.

On Windows, my understanding is that Chrome Sandboxes do the same thing. But what the process-per-tab model is most notable for is defending against cross-domain attacks. Which, if you ask me --- and I'm a Microsoft booster --- is the more important threat model. Browser-resident malware is where we're headed.