Comment Read the paper (Score 1) 226
It's not identifying the malicious code statically-- it inserts runtime checks and acts like a reference monitor for JavaScript.
You can read more details in the MSR article.
The paper (to appear at OSDI) is here:
http://research.microsoft.com/research/shield/pap