Although sandboxing the browser is popular, it really is a "feel good" type of protection than something that is actually needed if one is using cruel CF. It is important to note that the browser itself is not malware, but instead any spawn arising from it being malicious, and these are taken care of by CF's intrinsic protections.