The prevention of data execution is one service that the Windows operating system needs to secure its functioning. Though it has been there for a while, not many people are aware of its existence. What precisely is it, then? And how does it operate? Furthermore, how do you turn it on on your computer? Let’s answer all these in this article.
What is DEP (Data Execution Prevention)?
Data Execution Prevention (DEP) is a security feature developed by Microsoft that stops harmful programs from running from locations in system memory on Windows-based computers. To assist in guarding against exploits, DEP is executing extra memory checks through the use of a combination of hardware and software methods.
Malicious code may be being executed by malware from memory locations that should only be used by Windows or other approved applications. DEP will stop an application and let you know if it finds one on your computer that is using memory improperly.
How does Data Execution Prevention work?
On a computer, there are numerous types of prevention. A firewall is one example; it identifies potentially harmful activity and stops the program from accessing or using particular parts of the machine, like the network or memory.
DEP’s preventive standards, however, varied slightly. It tracks their activities rather than stopping viruses or applications from being installed on your computer. Data Execution Prevention can stop a program from using all of the RAM or using it inappropriately, thanks to this monitoring.
So how does it accomplish that? There are several important elements, like:
- Programs cannot use memory locations marked by DEP as non-executable because of this.
- Code cannot access memory that is not executable.
- This portion of memory cannot be accessed by any harmful code or exploit.
- The user is alerted if the code or exploit attempts to access the memory region again, allowing the firewall or antivirus software to take control.
Therefore, DEP stops any malicious software or memory exploits from attempting to access your machine. In this manner, malware cannot monopolize memory bandwidth or impair performance.
Types of Data Execution Prevention
The two categories of DEP are:
- Hardware-Enforced Data Execution Prevention: DEP compatibility is required between the computer’s BIOS and processor.
- Software-Enforced Data Execution Prevention: This necessitates the Windows operating system’s memory protection policy. All versions of Windows following Windows XP Service Pack 2 contain it.
The primary methods for implementing DEP are these two forms. It additionally needs a DEP-compatible processor, either from AMD or Intel. In light of this, be sure to verify whether DEP is installed on your computer. Although they have been producing DEP-compatible processors for several generations, that shouldn’t be an issue.
How to enable Data Execution Prevention in Windows 10
DEP is activated by default; however, you can use the Windows Security software to turn it on or off again. For your protection, we suggest leaving it on.
- Press the Start button or the Windows key.
- Type in “Windows Security,” then click the app that shows up at the top of the search results.
- Select App & Browser Control, and then click on Exploit Protection.
You’ll find Data Execution Prevention on the System Settings tab.
How to enable or disable Data Execution Prevention for Specific Programs
To enable Data Execution Prevention in specific programs, you will have to go to Windows settings. Here’s how you can do that:
#1. Press the Start button and type View advanced system settings, then open it.
#2. In advanced system settings, head into the Settings tab under the Performance section.
#3. Under Performance Options, head into the Data Execution Prevention tab.
#4. In the DEP section, select “Turn on DEP for essential Windows programs and services only.”
#5. Or, select “Turn on DEP for all programs and services except those I select” if you wish to prevent specific programs and services from accessing this feature.
How do I know if Data Execution Prevention is on?
To investigate the DEP settings, use the Wmic command-line program. Take the following actions to find out if hardware-enforced DEP is available:
- Click Start,
- Search ‘Run’ and click on it.
- Type cmd in the open box, and then click OK.
- At the command prompt, type the following command, and then press ENTER:
wmic OS Get DataExecutionPrevention_Available
If the output is “TRUE,” hardware-enforced DEP is available.
Should I turn on DEP for all programs?
For your protection, we suggest leaving it on.
Should I disable Data Execution Prevention Windows 10?
Disabling or turning off DEP is not advised since it automatically keeps an eye on important Windows services and programs.
By having DEP monitor every program, you can improve your security. However, you should be aware that turning off Data Execution Prevention or adding exclusions could let malicious scripts run and seriously harm Windows, potentially rendering your computer permanently unstable or unusable.
Any software that has Data Execution Prevention turned off is vulnerable to attack. If the assault is successful, it could then harm your data, contacts, and other programs on your computer. Before making any changes to the Data Execution Prevention settings, see whether the software publisher has a DEP-compatible version or update if you think the application isn’t operating correctly when DEP is enabled.
Is it safe to turn off Data Execution Prevention?
By keeping an eye on your programs to ensure that they are using system memory securely, DEP can help safeguard your computer. When DEP detects that an application on your computer is misusing memory, it alerts you and ends the program.
Is DEP good for gaming?
As DEP doesn’t require any additional CPU power, therefore, turning it off won’t increase FPS. It’s a useful feature, therefore you should leave it enabled.
Importance of SaaS Security: Protecting Your Product and User Data!
What Is A Database Management System?
Can You Get iMovie on Windows? Top 5 Alternatives for Business
References:
