Control ill-behaved apps with DEP in IE

Susan bradley By Susan Bradley

Internet Explorer 8 includes a security feature that shuts down misbehaving applications before they can harm your system.

This capability, known as Data Execution Prevention (DEP), runs by default when IE 8 is installed on XP SP3 and Vista SP1 or later, but it may not always be clear to you why DEP has put the brakes on one of your PC’s applications.

DEP is the best reason I know for updating to Internet Explorer 8 and Vista SP1. For many years, Microsoft has included DEP — which is also called No-Execute (NX) — only in parts of Windows. For example, DEP is available in IE 7 but is off by default to avoid conflicts with old, incompatible programs.

DEP is now a key part of Vista and Internet Explorer 8. When I try to install older software on newer machines, I must configure Data Execution Prevention to allow the software installer to run with DEP disabled. (See Figure 1.)

Data execution prevention dialog
Figure 1. You can configure Data Execution Prevention to create an exception for an application.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2009-09-17:

Susan Bradley

About Susan Bradley

Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.