Understanding Data Execution Prevention

by Barry Dysert
(last updated July 20, 2015)

5

Data Execution Prevention (DEP) is a security feature built into the Windows operating system. It is designed to close programs that it detects as viruses or other security threats. Depending upon your CPU, DEP runs in either a hardware-enhanced mode or a software-enhanced mode.

By default, DEP works on certain Windows programs and services. You can, however, customize DEP to have it monitor other programs as well. To do this, click the Start button, then right-click Computer and select Properties. This brings up the following screen. (See Figure 1.)

Figure 1. The Computer Properties screen.

Click the Advanced System Settings link at the left of the screen, and Windows displays the Advanced tab of the System Properties dialog box. (See Figure 2.)

Figure 2. The Advanced tab of the System Properties dialog box.

In the Performance group, click Settings. Windows displays the Performance Options dialog box. Make sure the Data Execution Prevention tab is selected. (See Figure 3.)

Figure 3. The Data Execution Prevention tab of the Performance Options dialog box.

Note that this is showing the Data Execution Prevention tab, and as you can see, the default action is already selected. If you want to turn on DEP for all programs and services except those you specify, click the second radio button. This enables the Add button. When you click Add, a file browser opens to allow you to select which programs should not be checked by DEP. (You cannot add an essential Windows program or service to be precluded.) When you're satisfied when your selections, OK your way out.

 This tip (12480) applies to Windows 7.

Author Bio

Barry Dysert

Barry has been a computer professional for over 30 years, working in different positions such as technical team leader, project manager, and software developer.  He is currently a senior software engineer with an emphasis on developing custom applications under Microsoft Windows. ...

MORE FROM BARRY

Getting Rid of Hidden Thumbs.db Files

A hidden file that the system uses to speed performance of your viewing folders containing pictures is called Thumbs.db. ...

Discover More

Understanding the Pictures Folder

The Pictures folder is one of several system libraries specifically optimized to hold digital pictures. This tip tells you ...

Discover More

Using Powercfg to Duplicate an Existing Power Scheme

The Powercfg utility allows you to control how power is used on your system. This tip shows you how to use the command-line ...

Discover More
More WindowsTips

Understanding Windows SIDs

This tip presents some information about Windows SIDs (Security Identifiers) and shows you some tools that you can use to ...

Discover More

Understanding Action Center

Action Center provides you with a quick overview of security and maintenance issues and allows you to drill down to the ...

Discover More

Limiting the Number of Login Attempts

You probably don't want to allow someone to continually attempt to login to your system until they finally guess your ...

Discover More
Subscribe

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

View most recent newsletter.

Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 8Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is 5 + 0?

2016-12-19 07:12:47

Magician

what system services involved in Data Execution Prevention?


2015-07-20 10:55:59

Phil Rabichow

It's hard to give examples because, over time, each person's computer becomes very unique. IF DEP shuts down a particular program or service that you have, then you can research it on the web. If you've downloaded something from a reputable company & website, then you might add it as an exception.

For example, I have a hard drive health program that trips DEP (HDDHealthService), & so I added it as an exception.

If you download & run Sysinternals Autoruns, it will list all the processes running on your computer. It is a subsidiary of Microsoft. You can right click on any process & choose "Search online..." to find out it's purpose.

Bill, some sites that will give you information about various programs & services are:
http://www.answersthatwork.com/home_page.htm
http://www.bleepingcomputer.com/startups/
http://www.sysinfo.org/startuplist.php?
http://www.what-is-exe.com/

Hope this helps you,


2015-07-20 09:36:41

Bill

Thanks for your great tips, Allen.
Similar to alligatorGreen's question. How do I know what programs to include/exclude. I find it difficult to determine the function and interactions of programs based solely on their names.
Perhaps a better question would be: how do I determine what a program does for me and/or my computer?


2015-07-20 06:56:55

Barry

If you're developing typical application software, you should leave this setting at its default. However if you're writing software that talks directly to the operating system or peripherals at specific addresses, you may want to turn DEP off for that program. The reason is that computer malware is sometimes written with malicious instructions placed in a program where data is supposed to live, and if this is detected Windows will shut the application down. However, writing system-level software often requires that you perform such unusual feats in your program.


2015-07-20 06:43:21

alligatorGreen

Good tip, but can we have some examples of programs that shouldn't be monitored by DEP and why they shouldnt? Thank you!


Newest Tips
Subscribe

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

(Your e-mail address is not shared with anyone, ever.)

View the most recent newsletter.