Email has always been an effective way to spread malware because people often click on the attachments they receive without taking any additional protections. Those extra protections would include opening the attachments in a better sandboxed environment (Sandboxie, as or a virtual machine, are two examples). It’s understandable why most do not, because it’s often too inconvenient to take such measures to read your email. Therefore, it’s up to email service providers to try and limit this type of malware risk as much as possible.
Where applicable, the browser’s sandboxing should also help. However, chances are the malware makers already take browser sandboxes into account and include ways to bypass them.
The new restriction is a part of Google's continuous efforts to improve Gmail security. However, we're still waiting for the end-to-end encryption feature that Google promised back in 2014 but has yet to deliver.