Memory corruption has plagued computers for decades. These software bugs can often be transformed into working cyber-attacks. High-level protections, such as anti-virus, have done little to stop the tide. Recent low-level protections such as non-executable memory and module randomization have helped. Yet a new variant called return-oriented programming (ROP) has survived these protections. Medium-level protections, such as Microsoft's anti-ROP add-on called EMET, has helped some. But a particularly troublesome bug known as Use-after-Free (UaF) has been used in conjunction with other techniques to bypass EMET. Thus, another low-level mitigation is required. This talk will describe Heap Isolation and Delayed Free, two such new mitigations, aimed at preventing UaFs. We will demo the protection in action. We will also walk through a bypass for the new protection. We wrap up by discussing trends to watch for in the next couple years as it relates to these and other similar software attacks.