, AndyC wrote

  1. Silverlight is a plugin, which means that to all intents and purposes it's a native code executable. There is no point trying to prevent native code executables from calling native code, it just can't be done.

Silverlight is a plugin, and IE makes no attempt to secure it as you rightly point out. On the other hand, Silverlight webapps are not native programs. They are sandboxed by Silverlight in much the same way that Javascript is sandboxed by IE. That's not to say that bugs in the sandbox don't prevent websites from getting native code execution - after all, that's what an exploit is, but let's be clear that Silverlight really should be trying to prevent web sites from calling native code, because I really don't like the idea of a website asking Windows to write a file to disk and CreateProcess it.