Preventing attacks on a computer at run-time. Content that is configured to access at least one function of a computer is received by the computer. Protections corresponding to the function are added to the content, wherein the protections override the function. The content and the protections are then transmitted to the computer. The function may expose a vulnerability of the computer, and arguments passed to the function may exploit that vulnerability. The protections are executed when the content is executed, and determine whether the arguments the content passed into the function represent a threat. In response to determining that the arguments represent a threat, execution of the content is terminated without executing the function.