While ASLR and DEP have certainly made it more difficult to exploit
modern programs, exploit writers have advanced as well. Practices like
return oriented programming and heap spraying often succesfully counter
these new defence measures. So the question arises: Can we do more to
protect buggy binaries from being exploited?