Generic exploit mitigation is not so much about vulnerabilities but rather methods used to exploit them. Patching vulnerabilities is important, but consider mitigations for the vulnerabilities not so easily addressed. By limiting where programs can execute, randomising the location of allowed programs, and refining your system security settings, you can augment overall system hardening. Think of it as a lock that could be picked, but preventing access to the lock in the first place. Upgrade older platforms to newer versions that already have these mitigations built in. Deploy baseline images already hardened. Defence in depth extends to within individual systems.