Memory randomization as application security enhancement?

Question

I recently came upon a Microsoft article that touted new \"defensive enhancements\" of Windows 7. Specifically:

• Address space layout randomization (ASLR)

Answer 1

It increases security by making it hard to predict where something will be in memory. Quite a few buffer overflow exploits work by putting (for example) the address of a known routine on the stack, and then returning to it. It's much harder to do that without knowing the address of the relevant routine.

As far as I know, OpenBSD was about the first to do this, at least among the reasonably well-known OSes for PCs.