Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

Windows Data Execution Protection – Part 2

Friday, January 27th, 2006 by | Filed Under: Security Help
 
Loading...


Windows Data Execution Protection – Part 2

Last week, I discussed Windows Data Execution Protection (DEP) which is available in Windows XP. If you remember, there are two different versions of DEP. One being hardware based and dependant on the CPU compatibility, while the other is software based and is installed with Windows’s XP Service Pack 2. Last week’s article focused on hardware DEP and determining if you have the capability, along with how to enable/ disable the function. This week I’m going to focus on software based DEP including what options it has, and how to manage it.

Software DEP: This service was introduced to Windows XP with Service Pack 2. It performs security checks to help mitigate the execution of code in protected memory. Software DEP, unlike the hardware version does not rely on compatible processor technology and will run on any Chip that supports Windows XP with SP2.

Unlike antivirus programs, DEP does not stop malicious code from being installed on your system. Rather, what it does, is monitor protected areas of memory and it stops any attempt to execute code in this memory. If malicious code does attempt to execute in a protected area of memory, the DEP function will stop the offending program and warn the user.

The reason stopping any code from running in these protected areas of memory is so important is because this is a frequently used method that attackers use to run their buffer overflow attaches. A buffer overflow is a common way for attackers to lock up your system allowing them to install Worms and Trojans, completely unbeknown to the user. Security aside, programs should not be written to execute code in these protected areas of memory anyway, and if one does, chances are that it is a poorly written program.

Although this software based DEP improves the security of your system by default, it is only set to monitor Windows binaries. This means that it is only marking and monitoring the windows processes, ignoring all third party applications. Microsoft mentions on their site that it does this to ensure that there are no compatibility issues with any current programs users may have on their PC. Microsoft goes on to suggest that if you do have any programs that won’t run with the DEP enabled, you should go to the manufacturer’s site and look for updates. If the program is unsupported and there are no updates to fix a compatibility issue, you can add the program to the exception list and the DEP will ignore it.

So let’s take a look at how to enable DEP for all programs. After that, I’ll go over how to add a program to the exception list.

Two things you have to have in order for the following procedures to work:
1) You must be logged in with an administrator account.
2) You must have Windows XP with Service Pack 2 installed.

Enabling DEP for all programs:

1. Click Start, and then click Control Panel.
2. Under Pick a category, click Performance and Maintenance.
3. Under Pick a Control Panel icon, click System.
4. Click the Advanced tab.

5. In the Performance area, click Settings.

6. Click the Data Execution Prevention tab.

7. Select Turn on DEP for all programs and services except for those I select.
8. Click Apply, and then click OK. A dialog box appears and informs you that you must restart your computer for the setting to take effect. Click OK.


To verify DEP settings for all programs are applied:

1. Click Start, then click Control Panel.
2. Under Pick a category, click Performance and Maintenance.
3. Under Pick a Control Panel icon, click System.
4. Click the Advanced tab.
5. In the Performance area, click Settings and then click Data Execution Prevention.
6. Verify that Turn on DEP for all programs and services except for those I select is selected and then click OK to close Performance Settings.
7. Click OK to close System Properties then close Performance and Maintenance.

Stay safe out there,

~ Chad Stelnicki

Leave a Reply


Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: