JamPony9
Premium Member
join:2004-12-08
Austin, TX

to Traxless

Re: Data Execution Prevention (DEP)

Simple explanation as requested...

Software ("code") is really just a lot of instructions for the machine. At a low level, the processor is fed a series of data chunks and instructions for what to do with them - add this number to that one, go to a certain other instruction, things like that.

Now, some programs are designed to treat a hunk of bits as data at one time and as instructions at another time - in effect, generating code on the fly. This can be a legit practice but it also introduces security holes (explanation of this omitted!).

So some processors now have a new feature called NX (no execute). This enforces the division between data and instructions. Of course this breaks some legit programs, but it also prevents a class of exploits (not all malware, just malware using certain techniques).

Microsoft's DEP is a software emulation of this feature. Windows XP with SP2 can take advantage of NX. But with DEP you get a similar kind of protection even if the chip doesn't have the feature. It's less secure because it is software only.

Here's a MS page about it. Is this the one you read?

»www.microsoft.com/techne ··· xsetting

The next version of Windows will support hardware NX (only if the processor has the NX feature).
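As an added illustration (my code, not part of JamPony9's post), this Linux/x86-64 C program does what the post describes: it writes a six-byte function into a page as plain data and then calls it, first with the page marked read/write only and then with execute permission, so you can watch the NX check refuse the first call. It assumes Linux mmap/mprotect and an x86-64 CPU; on anything else it reports UNSUPPORTED rather than guessing.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
enum { RAN_OK = 1, BLOCKED_BY_NX = 2, UNSUPPORTED = 3 }; /* try_execute() results */
static sigjmp_buf recover; /* where execution resumes if the CPU refuses the page */
static void on_fault(int sig) { (void)sig; siglongjmp(recover, 1); }

/* Copy a six-byte function into a fresh page as plain data, apply the page
 * protection under test, then call it. Returns RAN_OK if the call returned 42,
 * BLOCKED_BY_NX if NX turned the call into a fault, UNSUPPORTED otherwise. */
static int try_execute(int prot) {
#if defined(__x86_64__)
    /* x86-64 machine code for:  mov eax, 42 ; ret   (constructed sample) */
    static const unsigned char code[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };
    long pagesize = sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, pagesize, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return UNSUPPORTED;
    memcpy(page, code, sizeof code);           /* here the bytes are "data" */
    /* Now apply the protection under test: with or without PROT_EXEC. */
    if (mprotect(page, pagesize, prot) != 0) { munmap(page, pagesize); return UNSUPPORTED; }
    struct sigaction sa = { 0 }, old;
    sa.sa_handler = on_fault; sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    int result;
    if (sigsetjmp(recover, 1) == 0) {
        int (*fn)(void) = (int (*)(void))(uintptr_t)page; /* ...now "instructions" */
        result = (fn() == 42) ? RAN_OK : UNSUPPORTED;
    } else {
        result = BLOCKED_BY_NX;                /* landed in on_fault(): the CPU said no */
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, pagesize);
    return result;
#else
    (void)prot; return UNSUPPORTED;            /* machine code above is x86-64 only */
#endif
}

int main(void) { /* expect "blocked" then "ran" on an NX-capable x86-64 Linux box */
    puts(try_execute(PROT_READ | PROT_WRITE) == BLOCKED_BY_NX ? "RW page: blocked" : "RW page: ran");
    puts(try_execute(PROT_READ | PROT_EXEC) == RAN_OK ? "RX page: ran" : "RX page: blocked");
    return 0;
}
```

The same bytes run fine once the page carries execute permission; only the page's marking changed, which is exactly the data/instruction split NX enforces.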