ISV best practices, Corrupted Heap Termination, the pursuit of (security) happiness . . .

MikeHow just posted a brief write-up over at the SDL blog of some of the things our new heap manager on Vista is capable of detecting at runtime: http://blogs.msdn.com/sdl/archive/2008/06/06/corrupted-heap-termination-redux.aspx

As with the Low Fragmentation Heap, you can opt in to this by calling the HeapSetInformation() API and passing in the handle to your heap (or any heap in your process, for that matter).
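The opt-in described above, as an added example rather than code from the linked posts: it enables terminate-on-corruption for the process and requests the LFH on each heap. The function name, return codes and the 256-handle buffer are assumptions of this example; the non-Windows branch only lets the file compile elsewhere.

```c
#include <stdio.h>

#define HEAP_HARDEN_UNSUPPORTED (-1)  /* not built for Windows */
#define HEAP_HARDEN_FAILED      (-2)  /* terminate-on-corruption was refused */
#define MAX_HEAPS 256                 /* assumed buffer size for this example */

#ifdef _WIN32
#include <windows.h>

/* Returns how many heaps accepted the LFH request (>= 0), or a negative code. */
int harden_process_heaps(void)
{
    HANDLE heaps[MAX_HEAPS];
    DWORD  count, i;
    ULONG  lfh = 2;              /* 2 selects the Low Fragmentation Heap */
    int    lfh_enabled = 0;

    /* Applies to every heap in the process and cannot be turned off again,
       so the heap handle may be NULL for this information class. */
    if (!HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0))
        return HEAP_HARDEN_FAILED;

    count = GetProcessHeaps(MAX_HEAPS, heaps);
    if (count > MAX_HEAPS)       /* buffer too small: do not trust its contents */
        count = 0;

    for (i = 0; i < count; i++) {
        /* The LFH request is per heap and can fail, e.g. for heaps created
           with HEAP_NO_SERIALIZE or when heap debugging tools are active. */
        if (HeapSetInformation(heaps[i], HeapCompatibilityInformation,
                               &lfh, sizeof(lfh)))
            lfh_enabled++;
    }
    return lfh_enabled;
}
#else
/* Fallback so the example compiles on non-Windows toolchains. */
int harden_process_heaps(void) { return HEAP_HARDEN_UNSUPPORTED; }
#endif

int main(void)
{
    int n = harden_process_heaps();
    if (n < 0)
        printf("heap hardening not applied (code %d)\n", n);
    else
        printf("terminate-on-corruption enabled; LFH on %d heap(s)\n", n);
    return n < 0;
}
```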

Speaking of opting in to various good-for-security things, here's a great write-up from Matt Thomlinson and the aforementioned MikeHow from last year: http://msdn.microsoft.com/en-us/library/bb430720.aspx

The paper has a nice write-up of the following mitigation technologies in Windows for the every (wo)man:

  • /GS Stack buffer overrun detection.
  • /SafeSEH exception handling protection.
  • No eXecute (NX) / Data Execution Prevention (DEP) / eXecute Disable (XD).
  • Address space layout randomization (ASLR).
  • Heap randomization.
  • Stack randomization.
  • Heap corruption detection.

Published 11 June 08 11:16 by Robert_Hensing
