Third party applications are failing to use Windows security features
The latest Microsoft operating systems include security features such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) that can help protect against exploits and reduce the success of attempted attacks. Most Microsoft applications make use of these technologies, but Danish researchers have discovered that some of the most popular third party programs for Windows - including Apple QuickTime, Sun Java JRE, Open Office, Winamp and others - don't take advantage of these security features or implement their support improperly. Interestingly, the only third party app that was found to use DEP and ASLR correctly, out of 16 that were examined, was Google's Chrome browser.
You can read more about it here: