Immediately after the advent of computers, the first computer viruses appeared. And if at first programmers wrote them for fun, later viruses began to be created with the aim of stealing confidential data and performing other malicious actions on the user's computer. One of the barriers in their way is the DEP function.
DEP stands for Data Execution Prevention, or Data Execution Prevention. This function is built into all modern operating systems, including Windows. Its purpose is to block attempts to execute code that is in the data-only memory area. The logic of such a prohibition is simple and straightforward: data is not executable code, but information. If an area of memory is marked "data only", then it cannot contain executable code. And when suddenly in this area of memory a process tries to run the code, this is already a clear sign of an abnormal situation.
Thanks to the DEP function, which monitors the contents of RAM, it is possible to repel many attacks. As soon as it turns out that some program is using system memory incorrectly, DEP immediately closes the application and issues a warning that data execution was prevented.
The protection function is implemented at the hardware and software levels, which increases its reliability. Hardware protection takes advantage of the capabilities of processors that have DEP support. In this case, some areas of memory are marked as not containing executable code. If any program tries to run code from such a memory area, this application is immediately closed.
The need to implement software protection is caused by the peculiarities of the Windows architecture, namely, the exception handling mechanism. The advantage of software protection is that it can work on computers with any processors, including those that do not support DEP. This option protects only the most important system files.
The user has the ability to change the DEP settings. To do this, open the "Control Panel", select the "System" tab, then "System Properties" - "Advanced" - "Performance" - "Options". In the Performance Options window, find the Data Execution Prevention tab. You have the option to enable DEP for essential programs and services only, or for all but those listed. An administrator password is required to change security settings.