Among other things, the Anniversary Update put font-parsing code in isolated containers and contained new validation for font file parsing to prevent attackers from being able to use font bugs for privilege escalation.
Months later Microsoft's security researchers discovered this font bug mitigation technique safeguarded Windows 10 against a previously unknown exploit that was abused by a South Korean hacking group in small but targeted attacks in South Korea.
Redmond's security team tested its exploit mitigations against two kernel-level then zero-day exploits (CVE-2016-7255, CVE-2016-7256) used by active hacking groups that offer privilege escalation.Via: The Register
They find, in a technical analysis designed to stress test the resilience of Windows 10, that the bugs were neutered on Anniversary Update machines even before it issued the respective November patch thanks to the exploit mitigation controls.
"Because it takes time to hunt for vulnerabilities and it is virtually impossible to find all of them, such security enhancements can be critical in preventing attacks based on zero-day exploits," the team says.