The recent IE attacks have show again that the current technology built in Windows Vista and Windows 7 could at least help to mitigate the attacks. One of these technologies which could be used more broadly is Data Execution Prevention (DEP). Here is how to switch DEP on (it is fairly well hidden).
Now, this is on an OS-level for your applications in general. In IE, it is in the Internet Options:
This option is switched on by default in Internet Explorer 8 (in my case re-enforced through Group Policies and therefore gray). This might have an impact on usability as certain poorly written plug-ins will crash – something I can definitely live with. On the IE blogs, there is a post describing DEP in IE8: IE8 Security Part I: DEP/NX Memory Protection
Just use it!
It's really good article.. I appreciate your effort of posting screen shots. It made it more easy to understand..