My somewhat random thoughts on the battle for your PC and how it may play out in the coming year . . . (and by your PC I really mean your Mom's since you're of course running IE7 on Vista with UAC enabled and DEP forced on etc. right?):http://blogs.technet.com/bluehat/archive/2008/04/28/the-battle-for-the-browser-your-pc.aspx
EDIT: I'd like to give out a shout-out to Skywing who apparently was one of the first to mention that you could make application use ASLR by editing the binary in his blog post here: http://www.nynaeve.net/?p=100He also mentions that the VS2005 SP1 compiler / linker were the first version to offer up the ability to edit the binary to add ASRL creamy goodness, so kudos to him for that (and my teammate Mark for pointing it out to me. :)
Of course attachment security will continue to be all the rage in certain circles . . . and we may even see the bad guys start to focus less on Office 2003 and older binary file formats and more on other popular document formats *cough* Acrobat *cough* . . .