What is Data Execution Prevention in Windows 10

It’s a very valuable security feature

Data Execution Prevention (DEP) is a system-level security feature included in Windows machines. The main purpose of DEP is to monitor processes and services to protect against malicious code exploits by shutting down any program that doesn’t run properly in memory.

The feature, which is also known as executable space protection, comprises a set of hardware and software technologies that carry out extra system memory checks to stop malicious code from running.

Whenever a harmful program tries to execute code in specific system memory locations reserved for authorized programs and Windows, DEP marks them as non-executable and throws an error.

All this happens so as to prevent any damage to your computer from viruses and other security threats. However, DEP may sometimes conflict with legitimate programs like your antivirus, in which case you may have to disable the feature for specific apps.

How Data Execution Prevention in Windows 10 Works

DEP isn’t a comprehensive defense against all malicious code exploits; it’s just another tool you can use alongside your security software to secure your apps.

In many operating systems, there are reserved memory regions where critical programs and functions run. This memory space is limited, so if anything that isn’t written correctly or malicious code gets in, it could occupy too much space leaving you with a buffer overflow situation.

When that happens, it could give access to potentially critical data to users or programs that shouldn’t access it.

DEP steps in to counter such access or execution by anyexecutable programsthat aren’t allowed to load in the system memory areas. The feature raises an exception immediately when it detects suspicious code loading and prevents it from running.

The downside with DEP is that it may flag older non-Microsoft programs that rely on Windows Services. However, you can disable DEP or create an exception in your system settings in order to run such programs.

Note: Some DEP errors are caused by outdated device drivers in the system.

Types of Data Execution Prevention in Windows 10

There are two different methods of creating DEP:

A hardware-based DEP detects suspicious code that runs from memory regions as non-executable, intercepts and raises an exception toprevent any attacks to the system. The only exception is where the region specifically contains executable code.

Hardware-based DEP relies on processor hardware to mark memory with an appropriate set of attributes that indicate that code shouldn’t be executed from that memory.

In order to use hardware-based DEP, the following conditions must be met:

Not sure which version of Windows is running on your PC? Here are4 ways to tell if you’re using 32-bit or 64-bit Windows.

Software-based DEP is an additional set of DEP security checks that help prevent malicious code from leveraging exception-handling mechanisms in Windows.

This type of DEP runs on any processor that’s capable of running Windows XP Service Pack 2, and protects only limitedsystem binaries, regardless of your processor’s hardware-based DEP capabilities.

How to Know if DEP Is Active on Your Windows 10 PC

You can check the DEP status on your PC system using the following steps:

Note: Most conflicts are caused by 32-bit programs, and you can’t exclude 64-bit programs from DEP.

How to Enable or Disable DEP in Windows 10

You can disable DEP in Windows 10 so as to make specific exceptions or modifications for some applications to be used on Windows 10. This is not recommended, but if you must, the only way to do it at the present time is through a command line.

Note: If you want to turn off DEP for a program that you trust, check first whether the publisher has a DEP-compatible version available, or has updates available. If a DEP-compatible version or update is available, install it and leave DEP active so you can enjoy the protection it can give. Otherwise disabling DEP may leave your systemvulnerable to an attackthat could spread to other files and programs.

Enjoy DEP Protection

While Data Execution Prevention is a valuable feature, not all software and hardware fully supports it. For this reason, your PC may experience certain issues and error messages owing to the conflicts some Windows processes face when working with DEP.

However, DEP is among the most basic Windows-based system protections. Unless there’s a valid reason to disable it, DEP should always remain active by default and be treated with caution.

Elsie is a technology writer and editor with a special focus on Windows, Android and iOS. She writes about software, electronics and other tech subjects, her ultimate goal being to help people out with useful solutions to their daily tech issues in a simple, straightforward and unbiased style. She has a BCom degree in Marketing and currently pursuing her Masters in Communications and New Media.Read Elsie’s Full Bio

Welcome to Help Desk Geek- a blog full of tech tips from trusted tech experts. We have thousands of articles and guides to help you troubleshoot any issue. Our articles have been read over 150 million times since we launched in 2008.

HomeAbout UsEditorial StandardsContact UsTerms of Use

What is Data Execution Prevention in Windows 10#

How Data Execution Prevention in Windows 10 Works#

Types of Data Execution Prevention in Windows 10#

How to Know if DEP Is Active on Your Windows 10 PC#

How to Enable or Disable DEP in Windows 10#

Enjoy DEP Protection#