I wouldn't call a RAM scraper an exploit. ASLR isn't an effective protection against a program that reads from memory. Driver signing in newer versions of Windows is a more appropriate protection but will still fall short of stopping a motivated attacker.

Most of POS terminals aren't using Windows, but embedded custom operating system, firmware & software. https://news.ycombinator.com/item?id=8409305