However, exactly when did the web shift to a "presumed hostile" state?
2000 or so? Probably when always-on broadband became common.
I ask because by my count, we've been in a hostile environment for years. And throughout those years, Microsoft has either introduced some very disturbing implementations or promised secure implementations that later fall short of these grand claims.
Certainly XP as released was way too trusting. But I think Microsoft's track record has been quite positive since XPSP2. I wasn't around for that period, but it definitely got people VERY focused on security as something that has to be baked into product design from the inception of the product. Vista, IE 7/8, Silverlight, Office 2003/2007 all have had much better security records than their predecessors.
Lots of complaints about Microsoft products, most notably Vista, are on areas where Microsoft prioritized security over simplicity or backwards compatibility. And that's a problem for everybody, including Mac and Linux, with years of regular security updates ahead of us.
It's been easier in Silverlight since there wasn't anything to be backwards compatible to. But there are definitely features that have been cut, delayed, or reduced in scope due to the test cost of verifying security. Every feature gets a threat model and security test plan before it gets approved.
We're really serious about it. On the media side, for example, there's a lot of fuzz testing of malformed bitstreams to make sure there's no way to cause a crash that could then lead to an exploit.
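To show what the fuzz testing described in the reply above looks like in practice, here is an added example (not code from the thread or from Microsoft/Silverlight): a tiny mutation fuzzer run against a toy chunked bitstream parser. The chunk format, both parsers, the seed stream and the mutation strategy are all constructed for this example. The naive parser trusts the length field in each chunk header; the hardened one checks every length against the remaining input and rejects bad data with a controlled `FormatError`. The fuzzer counts any exception other than `FormatError` as a crash, which is the kind of finding a fuzz run is meant to surface before an attacker does.

```python
# Added example: mutation fuzzing of a constructed chunked "bitstream" format.
# Chunk layout (constructed for this example): 4-byte tag, 4-byte big-endian
# payload length, then the payload bytes.
import random
import struct


class FormatError(Exception):
    """Raised by the parser for input it recognises as malformed (graceful rejection)."""


def build_stream(chunks):
    """Encode (tag, payload) pairs into the constructed chunk format."""
    out = bytearray()
    for tag, payload in chunks:
        out += tag + struct.pack(">I", len(payload)) + payload
    return bytes(out)


def parse_naive(data):
    """Trusts the declared length; a short or oversized length crashes the parser."""
    pos, chunks = 0, []
    while pos < len(data):
        tag = data[pos:pos + 4]
        # struct.error if fewer than 4 bytes remain for the length field
        length = struct.unpack(">I", data[pos + 4:pos + 8])[0]
        payload = data[pos + 8:pos + 8 + length]
        # Simulated "decode" step: IndexError when the declared length
        # exceeds the bytes actually present (or is zero)
        last = payload[length - 1]
        chunks.append((tag, length, last))
        pos += 8 + length
    return chunks


def parse_hardened(data):
    """Validates every header and length against the remaining input before use."""
    pos, chunks = 0, []
    while pos < len(data):
        remaining = len(data) - pos
        if remaining < 8:
            raise FormatError("truncated chunk header at offset %d" % pos)
        tag = data[pos:pos + 4]
        length = struct.unpack(">I", data[pos + 4:pos + 8])[0]
        if length > remaining - 8:
            raise FormatError("chunk %r declares %d bytes, only %d remain"
                              % (tag, length, remaining - 8))
        payload = data[pos + 8:pos + 8 + length]
        last = payload[-1] if payload else None
        chunks.append((tag, length, last))
        pos += 8 + length  # always advances by at least 8, so the loop terminates
    return chunks


def mutate(data, rng):
    """Apply one random byte-level mutation: bit flip, overwrite, truncate or insert."""
    buf = bytearray(data)
    op = rng.choice(("flip", "overwrite", "truncate", "insert"))
    if op == "flip" and buf:
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif op == "overwrite" and buf:
        i = rng.randrange(len(buf))
        buf[i] = rng.choice((0x00, 0x7F, 0x80, 0xFF))  # boundary values
    elif op == "truncate" and buf:
        del buf[rng.randrange(len(buf)):]
    else:
        i = rng.randrange(len(buf) + 1)
        buf[i:i] = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 5)))
    return bytes(buf)


def fuzz(parser, seed_input, iterations=2000, seed=1):
    """Run mutated inputs through parser; return {exception name: count} for crashes.

    FormatError is the expected, graceful rejection and is not counted.
    """
    rng = random.Random(seed)  # fixed seed so a run is reproducible
    crashes = {}
    for _ in range(iterations):
        sample = mutate(seed_input, rng)
        try:
            parser(sample)
        except FormatError:
            continue
        except Exception as exc:  # any other exception is a parser bug to triage
            name = type(exc).__name__
            crashes[name] = crashes.get(name, 0) + 1
    return crashes


# Constructed, well-formed seed stream used as the starting point for mutation.
SEED_STREAM = build_stream([(b"HDR ", b"\x01\x02"), (b"DATA", bytes(range(16)))])

if __name__ == "__main__":
    print("naive    :", fuzz(parse_naive, SEED_STREAM))
    print("hardened :", fuzz(parse_hardened, SEED_STREAM))
```

Running it prints a non-empty crash tally for `parse_naive` (typically `struct.error` and `IndexError`) and an empty one for `parse_hardened`. Real media fuzzing differs mainly in scale and instrumentation: a native decoder is built with sanitizers so that out-of-bounds reads and writes abort loudly, and the mutator is guided by coverage, but the loop of mutate, parse, classify the outcome is the same.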