Microsoft created the Enhanced Mitigation Experience Toolkit to mitigate memory related vulnerabilities in Windows, and recently added two security mechanisms, Heap Isolation and Delayed Free, to IE to help prevent malicious code execution. Of course, no sooner does a software company implement new security features than a hacker somewhere figures out how to crack it, and a researcher presenting at the ShmooCon hacker conference last week showed off successful bypasses for both security mechanisms.
http://threatpost.com/bypass-demonstrated-for-microsoft-use-after-free-mitigation-in-ie/110570
