Data Execution Prevention (DEP) is security feature that first introduced in Windows XP Service Pack 2 (SP2) and is included in Windows XP Tablet PC Edition 2005, Windows Server 2003 Service Pack 1 (SP1) and Windows Vista, plus future operating system such as Windows 7, Windows 8,Windows 8.1 and Windows 10. DEP is intended to prevent an application or service from executing code from a non-executable memory region. DEP is enforced by hardware technology that detects code that is running from the default heap and the stack and raises an exception to terminate the process when execution occurs, and software-enforcer that prevent malicious code from taking advantage of exception-handling mechanisms in Windows. In short, DEP perform additional checks on memory to prevent malicious code or exploits from running on the system by shut down the process once detected.
Why Disable DEP ?
I was running multiple processes on different tabs in Firefox 3, finally my Firefox crashed and Microsoft gave a very beautiful reason for the crash which you have read above. Actually it happened the moment I clicked on a YouTube video, it sounds weird, right? If you are a heavy geek like me, who works on multiple Firefox tabs and also use online services that need to access your system memory, then your Firefox is definitely going to crash unless you don’t disable DEP. Another reason to disable it is when it does not allow you to open Executable files that needs to access your system memory.
Note: Only disable DEP if your executable file is not getting installed or if your Firefox is crashing all the time(and Microsoft keeps giving DEP excuse).
How To Disable DEP ?
Go to Start, right click on Computer and finally click on Properties. Now in the System window click onAdvanced System Settings in the left sidebar as shown in the screenshot below.
Now in the System Properties Windows, under Performance click Settings as shown in the screenshot below.
Finally in the Performance Options windows, navigate to Data Execution Prevention tab and select the second option “Turn on DEP for all programs and services except those I select:” as shown in the screenshot below.
Now suppose you have to disable DEP for some executable file, just click on Add, and then select the file to add it in the list and you are done. 
Well you can’t add Firefox because it is not an executable file, but it pretty much solved my problem.
Alternative Method – Disabling DEP Completely From Command Prompt
Warning: Do not use this option if you are not an administrator. Make sure that you fully understand what you are doing.
From the Start menu, select All Programs, then go to Accessories and then finally right-click on Command Prompt and click Run as Administrator(Or Disable User Account Control).
Once the command prompt is open, you can now disable the DEP by entering the following command line.
bcdedit.exe /set {current} nx AlwaysOff
If you regret your decision and now wants to enable or turn back on the DEP protection for your Windows, simply use the following command instead:
bcdedit.exe /set {current} nx OptIn
Or (above is the default setting on Windows, and below command will apply DEP to all processes):
bcdedit.exe /set {current} nx AlwaysOn
How to Verify the Status of DEP
Run the Command Prompt as Administrator, the run the following command:
wmic OS Get DataExecutionPrevention_SupportPolicy
A status code will be returned. The status of the DEP is corresponding with the code listed in table below:
| Code Number | Flag | Status |
| AlwaysOff | DEP is disabled for all processes. | |
| 1 | AlwaysOn | DEP is enabled for all processes. |
| 2 | OptIn | DEP is enabled for essentials Windows programs and services only. Default setting. |
| 3 | OptOut | DEP is enabled for all processes except for excluded programs and services. |
Reference Link:
No comments:
Post a Comment