Seeing that post reminds me of something you may not have noted yet. If you go to System Control Panel-->Advanced Tab-->Performance Settings there is now a DEP tab(XPSP2). By default its only enabled for Windows but you can turn it on for everything there.
For the uninitiated DEP stands for 'Data Execution Prevention' this is a directive which marks memory space used for variables as non-executable. This in turn means that 'Buffer Overrun' exploits are mainly stopped or nutralised. The /NoExecute=Optin switch in boot.ini is part of that and was introduced in SP2.