Memory protections: ASLR (randomizes memory layout), DEP/NX (non-executable stack/heap), stack canaries (detect overflow), SMEP (prevents kernel executing user code), safe unlinking.
These protections make exploitation harder but not impossible (ROP gadgets bypass DEP+ASLR together). Modern exploitation requires bypassing multiple mitigations. Regularly patching is still the most effective defense.