|
| |
| | Changes to Functionality in Microsoft Windows XP Service Pack 2: Part 3: Memory Protection Technologies |
 | | Data execution prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. In Windows XP SP2, DEP is enforced by both hardware and software. | | | Therefore, executable code in data sections should be migrated to a code section, or the data section containing the executable code should be explicitly marked as executable. | | | Hardware-enforced DEP relies on processor hardware to mark memory with an attribute that indicates that code should not be executed from that memory. |
|
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2mempr.mspx
(3396 words)
|
|
| |
| | Blog 6-2005 |
| | Click on the "Data Execution Prevention" tab and then click the radio button "Turn on DEP for all programs and services except those I select". | | | Even data that is was on the disk before but was not written over. | | | Unless you wipe the disk with a disk wiping program (writing zero's across it) the previous data (if there was any) is still there. |
|
http://www.pantz.org/blog/blog-06-2005.shtml
(598 words)
|
|
| |
| | Windows XP Service Pack 2 - Common Issues |
| | There are known issues between DIVX 5.2 and the memory protection improvements provided as part of SP2 (Data Execution Prevention). | | | However you can 'Turn on DEP for all programs and services except those I select' and exclude the applications which will use the codec such as explorer.exe and wmplayer.exe using the in System Properties > Advanced Tab > Performance Settings > Data Execution Prevention Tab, however you may cause problems with other applications. | | | Once a new version of DIVX compatible with SP2 is released you should upgrade and re-enable DEP for security purposes on your machine. |
|
http://www.mvps.org/marksxp/WindowsXP/SP2/common.php
(2089 words)
|
|
| |
| | Windows XP SP2 Said at Risk From Heap Overflow |
| | The attack with also effectively bypass Microsoft's Data Execution Prevention (DEP) measures, which could leave a PC wide open to further infiltration and damage. | | | "It's important to note that data execution protection and heap overflow protection were never meant to be foolproof; the purpose of these features is to make it more difficult for an attacker to run malicious software on the computer as the result of a buffer overrun," the Microsoft e-mail states. | | | With data volume growth at 40% to 50% each year, it becomes increasingly difficult for administrators to back up mission critical data in acceptable time frames. |
|
http://www.enterpriseitplanet.com/security/news/article.php/3467201
(696 words)
|
|
| |
| | CXOtoday.com > News > Security > Major Windows Security Update Foiled |
| | Two flaws present in Microsoft Windows XP SP2 Heap protection and Data Execution Prevention mechanism, makes it possible to implement, an arbitrary memory region write access (smaller or equal to 1016 bytes), plus an arbitrary code execution. | | | The SP2 measure, known as Data Execution Protection (DEP), is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. | | | During the first execution, this program shows the list of applications, which already have this flag set. |
|
http://www.cxotoday.com/cxo/jsp/article.jsp?article_id=2703&cat_id=909
(517 words)
|
|
| |
| | DUC: HELP! Pro Tools crashes at "Creating DAE Objects" |
| | Windows XP SP2 (Service Pack 2) introduced some new Data Execution Prevention features that are designed to prevent certain types of malicious code attacks. | | | There are two components to these new features: software protections and hardware protections. | | | When SP2 was released, very few pieces of hardware supported the hardware protections and we didnt see any problems with Pro Tools. |
|
http://duc.digidesign.com/showflat.php?Number=817847
(449 words)
|
|
| |
| | Nikon Software crash with SP2 and AMD-64bit - FM Forums |
| | Detailed description of the data execution prevention feature in Windows XP SP2 | | | Disabling the 'Data Execution Protection' should work on those machines. | | | On other systems you can try to disable the 'Data Execution Protection'. |
|
http://www.fredmiranda.com/forum/topic2/129716
(684 words)
|
|
| |
| | NetMotion Wireless - Tech Note 2180: Bluescreen or Continuous Reboot After Installing Mobility Client |
| | Data execution prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. | | | If you have a new laptop on which Data Execution Protection (DEP) is enabled, you may see problems booting when the Mobility XE client is installed. | | | For more information on DEP, see this document on the Microsoft site: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2mempr.mspx |
|
http://www.netmotionwireless.com/support/technotes/2180.asp
(294 words)
|
|
| |
| | Back door breach of Windows XP SP2 - Fireworks MX Zone - FWzone.NET |
| | In October 2004 it was discovered by MaxPatrol team that it is possible to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism. | | | Back door breach of Windows XP SP2 It is all to do with the SP2 measure, known as Data Execution Protection, which is intended to prevent attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. | | | During the first execution this program shows the list of applications which already have this flag set. |
|
http://www.fwzone.net/ShowDetail.asp?NewsId=7714
(731 words)
|
|
| |
| | Windows XP SP2 and Outpost - Outpost Firewall User's Support Forum |
| | If /NoExecute=AlwaysOff makes no difference, then change the line to /Execute instead (see MS KB 875352 - Detailed description of the data execution prevention feature in Windows XP SP2 for details). | | | Problems have been reported with Outpost 2.1 and the Data Execution Protection (DEP) feature which requires a processor supporting the NX flag (AMD Athlon 64 and Intel Itanium processors) to work fully (see Microsoft Technet: Memory Protection Technologies for more details). | | | If you use DEP with Outpost 2.1, please configure it to exclude Outpost (via My Computer/Properties/Advanced/Performance/Data Execution Protection - if using the "Turn on DEP for all programs..." option, add Outpost.exe to the exceptions list underneath). |
|
http://outpostfirewall.com/forum/showthread.php?t=11186
(338 words)
|
|
| |
| | The Windows Observer--Windows Server 2003 SP1 Now Available |
| | The new Data Execution Prevention (DEP) feature in Windows Server 2003 SP1 supports the "no execute" capability in the latest X86 processors from AMD and Intel. | | | This feature protects against some buffer overflow attacks and other types of malicious code by performing additional checks on memory. | | | This is a very important feature in today's world, where unprotected Windows servers running un-updated releases of the operating system have shown to become infected with viruses, worms, and Trojan Horses in a matter of minutes after being connected to the network. |
|
http://www.itjungle.com/two/two040605-story03.html
(812 words)
|
|
| |
| | Michael Howard's Web Log : Windows XP SP2 and Nikon Software |
| | Read this for more info: "You receive a "Data Execution Prevention" error message in Windows XP Service Pack 2" at http://support.microsoft.com/default.aspx?scid=kb;en-us;875351 | | | I think this is a great usability enhancer; compare that with clicking the Start menu, right clicking My Computer, clicking properties, clicking Advanced, clicking Performance Settings, clicking the Data Execution Protection Tab and then finding the executable on the hard drive! | | | I got the AMD Athlon CPU primarily for the Data Execution Protection support. |
|
http://blogs.msdn.com/michael_howard/archive/2004/08/20/217806.aspx
(462 words)
|
|
| |
| | NXTEST Home Page |
| | Starting with Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, Windows supports a new security enhancement called Data Execution Prevention (DEP). | | | This feature prevents execution of program code in memory regions which normally do not contain any program code, such as the program stack, the process heap or data segments. | | | To find out further details about Data Execution (DEP) and No Execute (NX), follow these links: |
|
http://user.cs.tu-berlin.de/~normanb
(462 words)
|
|
| |
| | Windows XP SP-2 |
| | For programs that exhibit issues on 64-bit-based computers that support the No Execute (NX) technology, the new Data Execution Prevention feature that is included with Windows XP SP2 may be preventing the programs from running correctly. | | | For additional information about how to use the Data Execution Prevention feature, click the following article number to view the article in the Microsoft Knowledge Base: |
|
http://www.pro1040.com/computer_consulting/windows_xp_sp2.htm
(851 words)
|
|
| |
| | Programs that are known to experience a loss of functionality when they run on a Windows XP Service Pack 2-based computer |
| | For programs that exhibit issues on 64-bit-based computers that support the No Execute (NX) technology, the new Data Execution Prevention feature that is included with Windows XP SP2 may be preventing the programs from running correctly. | | | For more information about how to use the Data Execution Prevention feature, click the following article number to view the article in the Microsoft Knowledge Base: | | | This article contains a list of programs that are known to experience loss of functionality when they run on a Microsoft Windows XP Service Pack 2 (SP2)-based computer. |
|
http://support.microsoft.com/default.aspx?kbid=884130&product=windowsxpsp2
(869 words)
|
|
| |
| | Device drivers filled with flaws, threaten security |
| | Known as Data Execution Prevention or DEP, the feature prevents data, which has been inserted in memory by a malicious exploit, from running. | | | While buffer overflows, a type of memory flaw that can lead to serious vulnerabilities, are quickly being eradicated in critical applications, the flaws are still easily found in device drivers, said David Maynor, a research engineer for Internet Security Systems' X-Force vulnerability analysis group. | | | Device driver flaws can be more dangerous than other application vulnerabilities because device drivers are, in most cases, part of the kernel itself and subverting the critical software gives an attacker direct access to the kernel. |
|
http://www.securityfocus.com/news/11189
(1005 words)
|
|
| |
| | Defect tracking - Wikipedia, the free encyclopedia |
| | Calculate defect data with periodic reviews using test logs from the execution phase: this data should be used to segregate and classify defects by root causes. | | | Defect tracking is important in software engineering as complex software systems typically have tens or hundreds of thousands of defects: managing, evaluating and prioritizing these defects is a difficult task: defect tracking systems are computer database systems that store defects and help people to manage them. | | | Defect prevention can be implemented by preparing an action plan to minimize or eliminate defects, generating defect metrics, defining corrective action and producing an analysis of the root causes of the defects. |
|
http://en.wikipedia.org/wiki/Defect_tracking
(312 words)
|
|
| |
| | Bitsum Technologies Home |
| | In addition, PECompact is 100% compatible with software and hardware based Data Execution Prevention (DEP) and Windows XP/2003 x64 Windows-On-Windows64 (32-bit subsystem in Windows64). | | | Trims portable executables by realigning, restructuring, and stripping unnecessary data. | | | PECompact compresses win32 executables and DLLs (all portable executables except NT device drivers) using high-performance compression algorithms and sophisticated pre-processing and restructuring. |
|
http://www.collakesoftware.net
(1233 words)
|
|
| |
| | ASEAN and China Cooperative Operations in Response to Dangerous Drugs (ACCORD), Bangkok, Thailand, 13 October 2000 |
| | UNDCP, ASEAN and China through the Global Assessment Programme, will provide technical assistance for the development of data collection systems that meet international standards, for the development of technical competence in system management, and in assessment methodology and reporting by the end of year 2003. | | | UNDCP and ASEAN will raise funds from funding sources for financing ASEAN Three Year Plan Action on Drug Abuse Control and the Accord Plan of Action and for assisting the countries in the execution of these plans of action. | | | UNDCP, ASEAN and China and other regional bodies will, through the UN/ESCAP Regional Coordination Meeting (RCM) II Theme Group on Drug Control and Crime Prevention, by 2001 develop a focused plan of action for the regional development of community participation approaches to ATS prevention and treatment. |
|
http://www.aseansec.org/645.htm
(3764 words)
|
|
| |
| | Programs that are known to experience a loss of functionality when they run on a Windows XP Service Pack 2-based computer |
| | For programs that exhibit issues on 64-bit-based computers that support the No Execute (NX) technology, the new Data Execution Prevention feature that is included with Windows XP SP2 may be preventing the programs from running correctly. | | | For client-based and server-based programs that communicate over the Internet or over a network, the new Windows Firewall feature that is included with Windows XP SP2 may be blocking unsolicited connections to your computer. | | | If you are using a program that appears on this list, contact the software vendor for more information. |
|
http://support.microsoft.com/default.aspx?kbid=884130&product=windowsxpsp2
(869 words)
|
|
| |
| | Sense of Wonder The demise of stack based buffer overflow exploits? |
| | This and the.NET platform will deter hackers to exploit stack based buffer overflows but, without quantitative data of the number and percentage of these exploits over time, which Ive been unable to find and I'm almost sure that it doesn't exist, nothing will be learned from the impact of these security technologies. | | | Looking to the future, Windows 2003 uses the hardware based protection of the latest processors(AMD's Execution Protection and Intel Itanium), which feature more bits to properly mark pages as non-executable. | | | Some argue that all the previous protections deplete resources and can easily be bypassed("Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server", "Bypassing StackGuard and StackShield"), but the real goal is to prevent the exploitation with cutandpaste shellcodes and make it harder to exploit stack based buffer overflows. |
|
http://www.cerezo.name/archives/000015.html
(233 words)
|
|
| |
| | The IT Inside the World's Biggest Company - INTERVIEW - CIO Magazine Jul 1,2002 |
| | In security, companies typically spend maybe 20 percent on prevention and 80 percent on recovery or dealing with problems after the fact. | | | With the Enron and Wall Street scandals, we've seen how important it is to know how the data that's driving the company is being handled, managed and monitored. | | | That's something we talk a lot about because, as a company, we're big on execution. |
|
http://www.cio.com/archive/070102/walmart.html
(233 words)
|
|
| |
| | Neowin.net - Windows XP Service Pack 2 to Activate NX bit on AMD chips |
| | AMDs enhanced virus protection security technology in combination with Microsofts Data Execution Prevention in the upcoming Windows XP SP2 is designed to help render some viruses, specifically buffer overrun exploits, inoperable and prevent them from replicating and spreading to other systems. | | | The core of AMDs Enhanced Virus Protection is the so-called NX bit in the page-translation tables that specifies whether instructions can be executed from the page. | | | The capability is also available on Intels Itanium and Itanium 2 microprocessors, but is not present in IA32e chips, such as Intel Pentium 4 E also known as Prescott, unlike suggested by certain sources last year. |
|
http://www.neowin.net/comments.php?category=main&id=17854
(587 words)
|
|
| |
| | news |
| | To provide all relevant data, analyses and deductions required for the formulation of an Action Plan by BCC for (a) improving the maternal and child health among the urban poor and (b) reducing the fertility among them. | | | To help the local bodies in the state of Tamil Nadu in the preparation of a pragmatic FOP to access the funds available under the MUDF for the execution of need-based developmental projects, both service oriented and remunerative. | | | To review the efficacy of the existing environmental legislation on HWM; to identify the difficulties, impediments of environmental laws; to provide suggestions for improving the effectiveness of achieving environmental protection, prevention and restoration in environmentally high-sensitive areas. |
|
http://www.stemgroup.org/news.html
(587 words)
|
|
| |
| | Sunbelt BLOG: Microsoft clarifies "DEP" issue |
| | “Microsoft has continued to investigate the use of software-enforced Data Execution Prevention (DEP) to mitigate the Windows Meta File vulnerability for Windows XP Service Pack 2 users. | | | Another had problems getting DEP itself to even work at all, instead having to set a manual switch in the boot.ini file — and even then we’re not sure it stops the exploit. | | | It’s a pretty important issue, because if hardware-enforced DEP is a way to protect against the exploit, it would put a lot of people’s minds at ease. |
|
http://sunbeltblog.blogspot.com/2005/12/microsoft-clarifies-dep-issue.html
(548 words)
|
|
| |
| | Execution Protection - Developer Implications |
| | A new shim, ââ¬ÅDisable NXââ¬Â, is included with ACT that disables Data Execution Prevention for an application, allowing it to run properly. | | | If an application does not allocate executable memory from a dedicated heap, it must be altered to do so. | | | Should this occur, the developer or system administrator can apply a ââ¬Åshimââ¬Â, a piece of code that gets inserted into a call stack or chain of code. |
|
http://msdn.microsoft.com/security/productinfo/XPSP2/memoryprotection/exec_imp.aspx
(548 words)
|
|
|
