Q: What's the Data Execution Prevention (DEP) security feature that Microsoft introduced in Windows XP SP2? How can it make my Windows system more resistant to malware attacks?
A: DEP is a buffer overrun defense feature. Buffer overruns are often used by malware to get unauthorized access to a system or to execute its malicious payload on a system. A buffer overrun attack typically writes executable malicious code to a program’s memory buffers and then tricks the program into executing the malicious payload. The execution of maliciously injected code can be prevented by DEP. DEP lets an OS mark memory locations that should contain only data as No eXecute (NX). When an application attempts to execute code from NX-marked memory locations, the OS DEP logic will block the application from doing so.
DEP is supported in Windows Server 2008, Windows Vista, XP SP2, Windows Server 2003 R2, and Windows 2003 SP1. Two versions of DEP are available: hardware-enforced DEP and software-enforced DEP. Hardware-enforced DEP leverages a processor feature that AMD refers to as the NX-bit and Intel refers to as the eXecute Disable (XD) bit. Today, all Intel and AMD CPUs support DEP. However, this hasn't always been the case: in the early days of DEP, AMD supported NX only on its 64-bit processors, and Intel supported XD only on the Itanium processor, EM64T 64-bit processors, and a small number of 32-bit Prescott processors. Software-enforced DEP lets Microsoft provide DEP on 32-bit processor systems that aren't equipped with a NX- or XD-compatible processor. With software-enforced DEP, the processor-level NX- or XD-bit functionality is provided by set of cookies that the Windows OS automatically adds to data objects stored in the system memory. . . .
You must be a logged on user to view the rest of this article
IT Connections Dive into the new Microsoft platforms and products you implement and support with the experts from Microsoft, TechNet Magazine, Windows ITPro and industry gurus. There are 70+ sessions and interactive panels with networking opportunities.
Attention User Group Leaders... Announcing the eNews Generator—a FREE HTML e-newsletter builder for user group leaders. Build your HTML and text e-newsletters in minutes and add Windows IT Pro & SQL Server Mag articles alongside your own message!.
Master SharePoint with 3 eLearning Seminars Learn how to build a better SharePoint infrastructure and enable powerful collaboration with MVPs Dan Holme and Michael Noel. Register today!
Get SQL Server 2008 at WinConnections Don’t miss Microsoft Exchange and Windows Connections conferences, the premier events for Microsoft IT Professionals in Las Vegas, November 10-13. Every attendee will receive a copy of SQL Server 2008 Standard Edition with one CAL.
Order Your SQL Fundamentals CD Today! Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.
Register
