Data Execution Prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system.
In Microsoft Windows XP Service Pack 2 (SP2) and Microsoft Windows XP Tablet PC Edition 2005, DEP is enforced by hardware and by software.
The primary benefit of DEP is that it helps prevent code execution from data pages, such as the default heap pages, various stack pages, and memory pool pages.
Typically, code is not executed from the default heap and the stack.
Hardware-enforced DEP detects code that is running from these locations and raises an exception when execution occurs.
If the exception is unhandled, the process will be stopped.
Execution of code from protected memory in kernel mode causes a Stop error.
DEP can help block a class of security intrusions.
Specifically, DEP can help block a malicious program in which a virus or other type of attack has injected a process with additional code and then tries to run the injected code.
On a system with DEP, execution of the injected code causes an exception.
Software-enforced DEP can help block programs that take advantage of exception-handling mechanisms in Windows.
However, if a program is failing and you want to disable DEP, or if you have a new CPU that supports DEP and you want it always enabled, you can change the policy in two ways:
The first way is via the System Properties dialog:
* Press Winkey+Break
* Go to the Advanced tab
* Click the Performance Settings button
* Click the Data Execution Prevention tab
* Use one of the following procedures:
  * Click Turn on DEP for essential Windows programs and services only to select the OptIn policy, or
  * Click Turn on DEP for all programs and services except those I select to select the OptOut policy, and then click Add to add the programs that you do not want to use the DEP feature.
* Click OK two times.
The second way is to update the Boot.ini file.
To configure DEP to switch to the AlwaysOn policy by using the Boot.ini file, follow these steps:
# Click Start, right-click My Computer, and then click Properties.
# Click the Advanced tab, and then click Settings under the Startup and Recovery field.
# In the System startup field, click Edit. The Boot.ini file opens in Notepad.
# In Notepad, click Find on the Edit menu.
# In the Find what box, type /noexecute, and then click Find Next.
# In the Find dialog box, click Cancel.
# Replace policy_level with OptOut. WARNING: Make sure that you enter the text accurately. The Boot.ini file switch should now read: /noexecute=OptOut
# In Notepad, click Save on the File menu.
# Click OK two times.
# Restart the computer.
Windows supports four system-wide configurations for both hardware-enforced and software-enforced DEP.
* OptIn - This setting is the default configuration. On systems with processors that can implement hardware-enforced DEP, DEP is enabled by default for limited system binaries and programs that "opt in". With this option, only Windows system binaries are covered by DEP by default.
* OptOut - DEP is enabled by default for all processes. You can manually create a list of specific programs that do not have DEP applied by using the System dialog box in Control Panel. Information technology (IT) professionals can use the Application Compatibility Toolkit to "opt out" one or more programs from DEP protection. System compatibility fixes, or shims, for DEP do take effect.
* AlwaysOn - This setting provides full DEP coverage for the whole system. All processes always run with DEP applied. The exceptions list to exempt specific programs from DEP protection is not available. System compatibility fixes for DEP do not take effect. Programs that have been opted out by using the Application Compatibility Toolkit run with DEP applied.
* AlwaysOff - This setting does not provide any DEP coverage for any part of the system, regardless of hardware DEP support. The processor does not run in PAE mode unless the /PAE option is present in the Boot.ini file.
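The Boot.ini step above ("Replace policy_level") and the four policy values just listed can be checked and applied in code rather than by hand in Notepad. The script below is an added example written for this page, not Microsoft's code or tooling; the sample Boot.ini is constructed, and the parsing rules (one quoted entry name followed by whitespace-separated switches under [operating systems]) are an assumption about the file layout. It reports entries whose /noexecute value is missing, mistyped, or weaker than OptOut, and rewrites every entry to a chosen policy.

```python
import re

# Constructed sample Boot.ini (not from a real machine): OptIn default vs. DEP switched off.
SAMPLE_BOOT_INI = """\
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS="Windows XP Professional" /noexecute=OptIn /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\\WINDOWS="Windows XP (test)" /fastdetect /noexecute=AlwaysOff
"""
DEP_POLICIES = ("OptIn", "OptOut", "AlwaysOn", "AlwaysOff")
OS_LINE = re.compile(r'^[^=]+="(?P<name>[^"]*)"(?P<switches>.*)$')  # assumed layout: path="name" switches
NOEXEC = re.compile(r"/noexecute=(\S+)", re.IGNORECASE)

def parse_boot_ini(text):
    """Return (name, /noexecute value or None) for every entry under [operating systems]."""
    entries, in_os = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):                      # section header
            in_os = line.lower() == "[operating systems]"
        elif in_os and (m := OS_LINE.match(line)):
            found = NOEXEC.search(m.group("switches"))
            entries.append((m.group("name"), found.group(1) if found else None))
    return entries

def audit_dep(text):
    """Flag entries whose DEP policy is missing, mistyped, or weaker than OptOut."""
    findings = []
    for name, policy in parse_boot_ini(text):
        p = (policy or "").lower()
        if p not in [k.lower() for k in DEP_POLICIES]:
            findings.append((name, "missing or mistyped /noexecute value: %r" % policy))
        elif p in ("optin", "alwaysoff"):
            findings.append((name, policy + " leaves non-system programs unprotected"))
    return findings

def set_dep_policy(text, policy):
    """Rewrite (or add) /noexecute on every OS entry: the 'Replace policy_level' step done in code."""
    if policy not in DEP_POLICIES:
        raise ValueError("unknown DEP policy: " + policy)
    out, in_os = [], False
    for raw in text.splitlines():
        if raw.strip().startswith("["):
            in_os = raw.strip().lower() == "[operating systems]"
        elif in_os and OS_LINE.match(raw.strip()):
            raw, n = NOEXEC.subn("/noexecute=" + policy, raw)
            raw = raw if n else raw.rstrip() + " /noexecute=" + policy
        out.append(raw)
    return "\n".join(out) + "\n"
```

Run audit_dep on the current file before and after set_dep_policy to confirm every boot entry ends up on the intended policy, which is the check the WARNING in the procedure asks for.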
