Results 1 to 7 of 7
  1. #1
    iNET Interactive
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    698
    Thanks
    11
    Thanked 67 Times in 53 Posts

    When Data Execution Prevention malfunctions




    LANGALIST PLUS


    When Data Execution Prevention malfunctions



    By Fred Langa

    Data Execution Prevention is an important Windows security subsystem; here's how it works and how to fix it when it misbehaves. Plus: How to use Windows' three different timestamps to help locate lost files.


    The full text of this column is posted at windowssecrets.com/langalist-plus/when-data-execution-prevention-malfunctions/ (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    2 Star Lounger
    Join Date
    Mar 2004
    Posts
    138
    Thanks
    11
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Kathleen Atkins

    When Data Execution Prevention malfunctions
    Fred,
    Just one small comment on something I see mis-stated many times. Unfortunately, the date saved under the "date created" label, is in fact the date the file first appeared on the system you are looking at, not the date it was actually 'created'. So when I copy a set of files from someone else - who has the actual creation dates available to them I lose that info - it's replaced by the date I copied the files onto my system. I write in the hope that there is some way around this - or at least to plea for a more accurate description of what this 'date' represents.

    Petermat
    Last edited by RetiredGeek; 2014-08-21 at 12:02. Reason: Added end quote tag

  3. #3
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Vancouver, BC, Canada
    Posts
    133
    Thanks
    2
    Thanked 7 Times in 7 Posts
    re: Step 2
    I don't use IE much but opened it to check.
    In Win7 is was called "Enable Enhanced Protection Mode"
    It was unchecked. When I checked it and restarted, it warned me that it was disabling incompatible plugins. Those were Adobe PDF and Java.
    That may be a clue why it was off. Not due to malware.

    And yet another reason I prefer Firefox.

  4. #4
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,306
    Thanks
    138
    Thanked 113 Times in 97 Posts
    Quote Originally Posted by DavidFB View Post
    re: Step 2
    I don't use IE much but opened it to check.
    In Win7 is was called "Enable Enhanced Protection Mode"
    It was unchecked. When I checked it and restarted, it warned me that it was disabling incompatible plugins. Those were Adobe PDF and Java.
    That may be a clue why it was off. Not due to malware.

    And yet another reason I prefer Firefox.
    Ah, those Adobe Reader and Java plugins! They are not only insecure, but now we see they are not fully stable with regards to things like software DEP.
    -- Bob Primak --

  5. #5
    2 Star Lounger
    Join Date
    Jun 2010
    Location
    sydney
    Posts
    135
    Thanks
    14
    Thanked 13 Times in 11 Posts
    Quote Originally Posted by petermat View Post
    Fred,
    Just one small comment on something I see mis-stated many times. Unfortunately, the date saved under the "date created" label, is in fact the date the file first appeared on the system you are looking at, not the date it was actually 'created'. So when I copy a set of files from someone else - who has the actual creation dates available to them I lose that info - it's replaced by the date I copied the files onto my system. I write in the hope that there is some way around this - or at least to plea for a more accurate description of what this 'date' represents.

    Petermat
    I doubt Fred mis-understands the meaning of Date Created, rather he, like you, falls into the trap of not being precise.

    In essence a file has two parts - a directory (folder) entry, referred to as an i-node, and the file content, referred to as a data stream. The Date Created refers to the directory entry (i-node) whilst the the Date Modified refers to the file content (data stream).

    The Date Created is the timestamp that this copy of the file was created in this location. The Date Modified is the timestamp on which the content of the file was last changed. Thus it is that the Date Modified is often earlier than the Date Created - which is counter intuitive, and leads to confusion.

    I have knowingly ignored the 'wrinkles' that hardlinks and symbolic links introduce.

    =======================

    On the broader issue of moving folders and files around - it's a significantly easier and safer to do with a multi-pane file manager, because you can avoid the inherent inaccuracies of drag and drop. That windows/file explorer is a single pane app borders, IMO, on criminal negligence. But if MS made it 2 pane the regulators in US and EU would have them up on anti-trust charges <sigh> I use xplorer2.

    nw
    Last edited by northwood2222; 2014-09-01 at 03:33. Reason: last sentence and file manager comment

  6. #6
    Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    66
    Thanks
    9
    Thanked 8 Times in 8 Posts
    Thanks Fred! I had been checking back for some time now wishing EMET 5 would get out of beta. Just got through installing it even though I suspect some would advise letting people like me to try (test) it first for a couple of months before installing it in case something was missed in beta.

  7. #7
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,306
    Thanks
    138
    Thanked 113 Times in 97 Posts
    Quote Originally Posted by Fascist Nation View Post
    Thanks Fred! I had been checking back for some time now wishing EMET 5 would get out of beta. Just got through installing it even though I suspect some would advise letting people like me to try (test) it first for a couple of months before installing it in case something was missed in beta.
    What is the rush? Is EMET 4 not good enough for you?
    -- Bob Primak --

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •