Technology

What Is Data Execution Prevention Windows 10

This article is about to What is data execution prevention windows 10. Data Execution Prevention (DEP) is a system-level security feature included on Windows machines.

The main purpose of DEP is to monitor processes and services to protect against malicious code vulnerabilities by closing any programs that are not running correctly in memory.

The feature, also known as executable space protection, comprises a set of hardware and software technologies that perform additional system memory checks to stop malicious code from running.

Whenever a malicious program attempts to execute code in specific locations in system memory reserved for authorized programs and Windows 10, DEP marks them as non-executable and throws an error.

All of this happens to prevent any damage to your computer from viruses and other security threats. However, DEP can sometimes conflict with legitimate programs like your antivirus, in which case you may need to disable the feature for specific applications.

 How To Set Up Data Execution Protection In Windown10

Adding data execution protection can prevent our program from crashing at startup. This principle is the same as win7 protection. Let’s take a look at the exact setup tutorial.

Tools/raw computer win10 method/step Find our computer, right-click to pop up properties, and click Properties. Click Enter image description and click Advanced settings under Properties.

Please click to enter the picture description to enter the advanced settings. You need to click the settings under the performance.

One thing to note is that the account you currently log in to win10 must be an administrator account. Please click to enter the picture description and choose the following one according to the prompts.

Please click to enter the picture description to select and then click to add. What is added is to add the program that will crash to the data execution protection.

Please click to enter the picture description and then click the Apply button in the lower right corner. After the application is completed, we will complete the setting.

Please click to enter the picture description Notes The added file needs to be an application file, other files are invalid.

How To Enable Data Execution Prevention (DEP)

Data Execution Prevention (Data Execution Prevention, hereinafter referred to as DEP) is a new feature of WinXP SP2. On the WinXP SP2 design, open the “System” properties in the Control Panel, click “Settings” in “Performance:

Visual Effects, Processor Schedule, Memory Usage and Virtual Memory” under the “Advanced” tab, and then click “Settings”. Select the [Data Execution Prevention] tab in “Performance Options” to set the DEP function of WinXP SP2.

DEP technology also needs the support of hardware devices. If you want to fully support DEP, you must have a CPU that supports DEP technology. Currently, only Intel’s “Itanium” series, Pentium 4 J support, and AMD’s Athlon 64 series, Opteron support.

Computers whose hardware does not support DEP can only use WinXP SP2 to simulate some functions of DEP in software.

In short, DEP can be regarded as the underlying security protection mechanism of the operating system, and it does not have the function of virus detection itself.

However, if there is a virus attack that exploits the vulnerability overflow, including local overflow, DEP can provide protection. DEP can automatically mark the area occupied by its executable code during program execution. CPUs that support DEP use a technique called “No eXecute” to identify the marked area.

If it is found that the currently executed code is not clearly marked as executable (for example, the part of the code that is spilled into the code execution area by the virus after the program is executed), its execution will be prohibited, then the virus or network attack using the overflow attack cannot use the overflow to destroy.

If the CPU does not support DEP, Windows will simulate some functions of DEP in software.

The Data Execution Prevention tab provides two options: “Enable DEP for essential Windows programs and services only” and “Enable DEP for all programs and services except those selected below.”

If some third-party programs do not work properly after enabling DEP, you can click the [Add] button to add them to the list that is not protected by DEP.

It should be noted that the DEP function only has a protective effect on malicious programs that exploit the overflow vulnerability to attack the system, and all anti-virus software cannot be abandoned after DEP is activated.

Leave a Reply

Your email address will not be published. Required fields are marked *