Stephan Chenette of Websense has published a simple but clever piece of research demonstrating that gateway and desktop antivirus can be bypassed by breaking malware code into smaller pieces that are downloaded from different streams. "What this attack enables you to do is really get exploit code from the server into the browser memory and trigger the exploit," Chenette said. The code in charge of downloading the malware looks like any other harmless JavaScript code while using XHR (XMLHttpRequest) to download the real malware a few bytes at a time. The attack, which has not been seen in the wild by Websense, works on all the major browsers. Since it's not a web browser vulnerability, a solution is not to be expected. The approach mainly exploits the way browsers and antivirus products are built.
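The scanning gap described above, seen from the gateway side, as an added example that is not code from Chenette's research or from Websense: a scanner that inspects each response on its own misses a pattern split across responses, while one that keeps a rolling tail per client/server pair can match across the boundary. The signature string, hosts, addresses and function names are constructed for illustration, and the sketch assumes fragments arrive in order and unencoded, a constraint real traffic need not meet.

```python
from collections import defaultdict

# Constructed, harmless stand-in for a byte pattern a signature engine looks for.
SIGNATURE = b"EXAMPLE-TEST-SIGNATURE"

# Constructed gateway view: (client, server, response body) in arrival order.
# The marker is split across three small XHR responses to one client.
RESPONSES = [
    ("10.0.0.5", "site.example", b"var a=1;EXAMPLE-"),
    ("10.0.0.5", "site.example", b"TEST-SIG"),
    ("10.0.0.7", "other.example", b"<html>hello</html>"),
    ("10.0.0.5", "site.example", b"NATURE;var b=2;"),
]


def scan_per_response(responses, signature=SIGNATURE):
    """Scan each HTTP response body on its own, as a per-object scanner does."""
    return [(client, server) for client, server, body in responses
            if signature in body]


def scan_per_flow(responses, signature=SIGNATURE):
    """Keep a rolling tail per (client, server) so a match can span responses."""
    tails = defaultdict(bytes)
    hits = []
    for client, server, body in responses:
        key = (client, server)
        window = tails[key] + body
        if signature in window and key not in hits:
            hits.append(key)
        # Retain only the bytes that could begin a match completed by the next body.
        tails[key] = window[-(len(signature) - 1):]
    return hits


if __name__ == "__main__":
    print("per-response hits:", scan_per_response(RESPONSES))
    print("per-flow hits:    ", scan_per_flow(RESPONSES))
```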