This is a total nothingburger. If malware has enough access to steal passwords from your browser's memory, then there's no way to stop it from getting them.
Since I'm a windows user, it's pretty concerning for me. Many [rather vague] processes need administrative permissions in order to run. Now with the fact that nearly all my passwords are saved in clear text in memory and can be accessed by other programs, it can be scary to think what others can do with the passwords which are not 2FA.