Simple explanation as requested...
Software ("code") is really just a lot of instructions for the machine. At a low level, the processor is fed a series of data chunks and instructions for what to do with them - add this number to that one, go to a certain other instruction, things like that.
Now, some programs are designed to treat a hunk of bits as data at one time and as instructions at another time - in effect, generating code on the fly. This can be a legit practice but it also introduces security holes (explanation of this omitted!).
So some processors now have a new feature called NX (no execute). This enforces the division between data and instructions. Of course this breaks some legit programs, but it also prevents a class of
exploits (not all malware, just malware using certain techniques).
Microsoft's
dep is a software emulation of this feature. Windows XP with SP2 can take advantage of NX. But with
dep you get a similar kind of protection even if the chip doesn't have the feature. It's less secure because it is software only.
Here's a MS page about it. Is this the one you read?
»
www.microsoft.com/techne ··· xsettingThe next version of Windows will support
hardware NX (only if the processor has the NX feature).