Exactly. AFAIK Trezor plans to implement this BIP once it's accepted (It's in the final draft stage now). But provided that BIP70 is used, device may be able to protect you against address replacing malware.
It is and has been active for a while. Final is final, the reference implementation has been completed and accepted by the community. See
here.