eldavojohn writes: The latest versions of Microsoft Windows has some great security options available--now if only they could get their most popular third party applications to use them. From DEP and ASLR, Krebs breaks it down who is using them and who is not. A security specialist noted 'If both DEP and ASLR are correctly deployed, the ease of exploit development decreases significantly. While most Microsoft applications take full advantage of DEP and ASLR, third-party applications have yet to fully adapt to the requirements of the two mechanisms. If we also consider the increasing number of vulnerabilities discovered in third-party applications, an attackers choice for targeting a popular third-party application rather than a Microsoft product becomes very understandable.' Among those with neither DEP or ASLR: Apple Quicktime, Foxit Reader, Google Picasa, Java, OpenOffice.org, RealPlayer, VideoLAN VLC Player, and AOL's Winamp. While Flash player can't implement DEP, it does have ASLR. Google Chrome is the only popular third party application listed with stars across the board.