"Even Symantec has "Stops threats unrecognized by traditional antivirus techniques" in their feature list"
Even small brand rogue scareware has this sort of stuff in their feature list.
Just what the hell is that supposed to mean? No it does not stop brand new malware, never did, and never will, because anyone who makes malware (except possibly the antivirus vendor) tests the malware against the antivirus software to make it pass. Heck, everyone who makes software has to do this because of false positives! If by a chance antivirus flags some new malware in development as malware - the chance exists for any new software - well, I suppose the author will simply swap a few functions around, fiddle with compiler's optimization options, maybe screw a little with UPX source code or not use UPX, and it'll pass.
From where i'm standing, we don't need separate piece of software to protect from the browser exploits and similar things; any decent browser gets patched before the
antivirus in any case. What do regular users really need antivirus software for is software piracy. Software piracy is not practical without having a good antivirus. (Ofc you can't pirate the antivirus itself because it phones home all the time to get updates). If there's someone who profits big time from piracy, that's not piratebay. That's our glorious 'good guys' the antivirus vendors.
"Are you referring to Software Restriction Policy on Windows Dymtry"
No i'm not referring to software restriction policy, or any implemented method, for that matter. I'm making an observation:
Almost none of the applications I or you use, except for a couple special utilities (file search tools, and such which layman user may not even have), read from or write to files and locations that aren't either
a: in software's own folder, or
b: are chosen by user through the file dialog AS OF NOW WHEN THERE IS NO SECURITY.
This is the un-enforced convention which large majority of good software nonetheless obeys.
Nobody's interested in enforcing this; they're interested in blacklisting, because blacklists have to be up to date (=subscription services), they're interested in whitelisting, because that will let them extort money out of software developers - those developers whom actually make anything of value - they're interested in showing a ton of scary popups, they're interested in 'heuristics' (tricks that aren't guaranteed to work, and do not work), because those generate a lot of false positives (extortion from honest developers again, though fortunately this is not so bad because you can always work-around false positive by fiddling with the code - same applies for true positives for real malware). But they're not interested in doing anything relatively quiet that'd work. Our only hope is that microsoft eventually sorts security out.