Researchers at Microsoft have completed work on a prototype framework called BrowserShield that promises to intercept and remove, on the fly, malicious code hidden on Web pages,
Apparently those clever guys at MicroSoft have never heard of The Halting Problem. (Edit: Or Rice's Theorem.) In short, it is possible to prove mathematically (and Alan Turing did, in the 1800's) that programs like this can never both be accurate and have finite runtime. In other words, either it has bugs, or else it goes into an infinite loop. One of the two is inevitable. And we have a mathematical proof of this.
So, these guys apparently didn't even take comp sci 1001. And now MicroSoft is handing control of what code your browser will and won't execute... over to them. This is *almost* as bad an idea as allowing your browser to execute arbitrary code from random web pages in the first place! ^O^
Theoretical issues quite aside, how about practical ones?
I made a similar product once.
Unfortunately, I wrote it directly into my program without giving it another name, since I didn't realize I could sell the security separate from the program.
(Whoah, a rare /. story where the comments are worth reading!)