Skip to main content

Home Data execution prevention

Data execution prevention

(also DEP)

Data execution prevention definition

Data execution prevention is a Windows security feature. It prevents the system from executing code from certain memory locations (usually stack and heap). This block is meant to protect the computer from malware.

DEP works by marking memory pages as either executable or non-executable. When code attempts to run from a non-executable memory region, the system raises an exception and terminates the offending program.

See also: buffer overflow attack, computer worm

History of the data execution prevention feature

DEP was created in the early 2000s as a response to a rising number of buffer overflow attacks. These attacks exploit vulnerabilities in software by injecting and executing malicious code through overflow regions —like the stack. Early implementations appeared in Linux systems with the NX (No Execute) bit, and Microsoft's Windows XP Service Pack 2 later integrated DEP. It was vital in combating many notorious buffer overflow-based worms and exploits from the early 2000s, like the Blaster and Slammer worms.

Advantages and disadvantages of the data execution prevention feature

DEP is easy for administrators and users to configure and tailor the protection levels while also being compatible with modern systems without difficult modifications.

However, it’s prone to false positives — some legitimate software may trigger DEP and be terminated, making the user frustrated. And while it’s a great security feature, it’s not a catch-all solution. Besides, using it might slightly affect your computer’s performance, so that is also something to keep in mind.