From collectibles to cars, buy and sell all kinds of items on eBay
home | pay | site map
Shop for itemsSell your itemTrack your eBay activitiesLearn, connect, and stay informed-for business and for funGet help, find answers and contact Customer SupportAdvanced Search
Home > Listing Index > Games > Data Execution Prevention

Games - Data Execution Prevention

Data Execution Prevention (abbreviated DEP) is a feature included in modern Microsoft Windows
operating systems that is intended to prevent an application or service from executing code from a non-executable memory region. This helps prevent certain exploits that store code via a buffer overflow, for example. DEP runs in two modes: hardware-enforced DEP for CPUs that can mark memory pages as nonexecutable., and software-enforced DEP with a limited prevention for CPUs that do not have hardware support.

Hardware protection

Hardware-enforced DEP enables the NX bit on CPUs that support it. DEP is a feature in Windows XP
Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
Service Pack 1. Windows Vista
and later operating systems will continue to support this feature as well.

DEP works by marking certain parts of memory as being intended to hold only data, which the NX or XD bit enabled processor then understands to not be executable. This helps prevents buffer overflow attacks from succeeding.

In some instances, Data Execution Prevention can have the unintended consequence of preventing legitimate software from executing. In these cases, the affected software needs to be flagged as being allowed to execute code in those parts of memory, but this itself leads to a possible attack if the application isn't rigorous in validating data that is passed into a region of memory that is marked as being executable.

If the x86 processor supports this feature in hardware, then the NX features are turned on automatically in Windows by default. If the feature is not supported by the x86 processor, then no protection is given. Outside of the x86 architecture, a version of NX also exists for Intel's IA-64 which is implemented into the Windows that operates that architecture.

Software protection

Software DEP, while unrelated to the NX bit, is what Microsoft calls their enforcement of "Safe Secure Exception Handling". Software DEP/SafeSEH simply checks when an exception is thrown to make sure that the exception is registered in a function table for the application, and requires the program to be built with it. This is likely a countermeasure to handle an exploit possible because of the way DEP handles NX faults. It is not possible for a program to truly recover from such an attack, however, because program flow is destroyed in an unrecoverable manner.

Unlike similar protection schemes available on other operating systems, DEP provides no address space layout randomization, which may allow return-to-libc attacks that could feasibly be used to . The possibility has not yet been proven on Windows specifically; but the PaX documentation on why ASLR is necessary. It may be possible to develop a successful attack if the address of prepared data such as corrupted images or MP3s can be known by the attacker.

[ Visit the complete Wikipedia entry for Data Execution Prevention ]


Searches on eBay

Some related entries: NBA Live series | GoPets | Muamman Duathal | Chris Sawyer | Acrophobia | TOSEC | BeBox | Alpha Blitz | FLCL | Reach for the Top | GAMES 100

eBay Pulse | eBay Reviews | eBay Stores | Half.com | Kijiji | PayPal | Popular Searches | ProStores | Rent.com | Shopping.com
Australia | Austria | Belgium | China | France | Germany | India | Italy | Spain | United Kingdom

About eBay | Announcements | Security Center | Policies | Site Map | Help
Copyright © 1995-2005 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.

eBay official time