Dan Goodin, The Register:
The most important addition is full ASLR. Short for address space layout randomization, the protection makes it much harder for attackers to exploit bugs by regularly changing the memory location where shell code and other system components are loaded. Other improvements include security sandboxes that tightly restrict the way applications can interact with other parts of the operating system and full disk encryption that doesn’t interfere with other OS features.
Fully implemented ASLR, multi-sandboxed applications, and block-level full disk encryption makes Lion the most secure OS X to date. I’m gonna resist though; “I’m not playing that game.”