Detox-Comic

What is Data Execution Prevention?

Summary

Data Execution Prevention or DEP is a security feature of modern operating systems that aims to prevent the execution of code in an area of computer memory reserved for data only and not executable code.

Why do we need DEP?

Data Execution Provention aims to reduce the exploitation of buffer overflows, a problem that can result in the execution of code stored in memory.

Malware writers exploit buffer overflows in order to run their code hidden in areas of memory reserved for data only. By using DEP we reduce the risk of our computers being open to this type of attack.

Do I have DEP on my PC?

Most modern operating systems have Data Execution Protection.

For Windows you can see which programs have DEP enabled. Start Task Manager and select the Processes tab. Select View from the menu then Select Columns and scroll down and tick Data Execution Protection if it is there. You can now see which currently running programs have DEP enabled.

Last word

Data Execution Protection is another tool in your security toolkit that aims to reduce the exploitation of buffer overflows.

If you have any feedback regarding this article, or you have a suggestion for a new article, or just want to say thanks for the info then feel free to drop me an email at dave@detoxcomic.com.

Article date: 26th February 2011

Click here for more articles