I was wondering since all updated operating systems guard against stack and heap type overflows via ASLR, Canary Checks, and other such methods, are memory corruption exploits still prevalent? Given that the administrator of the system is competent and protects the system from brute force or libc attacks, I honestly can't see many other ways. They only thing that I can possibly imagine for someone to attack a system is to overwrite function pointers on the stack but thats about it. Maybe if someone found a clever way of predicting random numbers, the schemes that rely on random results could be defeated, however it seems unlikely. It seems the only way to exploit someone else's system given now a days is to trick root or the admin into installing your software. Are the old days of code injection over? I'm at this from the perspective of breaking updated protected systems.
You do not need to trick the admin into installing your software if vulnerable software is already installed. It is much easier to use higher-level constructs to have a OS command injected. E.g.: a web application allowing to upload a file to arbitrary location, a web application using user-controllable input to build an OS command.