It's .NET based, and .NET already has a well-proven security model where assemblies (that's the compiled modules) from anywhere except the local hard disks have to request various permissions to access local resources like files, the registry, ActiveX components or anything. There are more vulnerabilities in most browsers' Javascript implementations than there are likely to be in Silverlight.

On top of that, given that the .NET Framework is fully documented and the various components are open-standard (which is how MONO exists in the first place), plus the fact that Silverlight is based on XAML which can be embedded in the web-page and read like Javascript or indexed by search engines, Silverlight is probably more open than Flash/Flex and Java.

If you like, I can blather on about how the fact that it's strongly-typed and compile-time optimized mean it's going to piss all over Flash for performance, or the very real possibility that they could integrate XNA with it and create an insanely good system for completely cross-platform gaming through the web...?