what does DEP stand for or what is it?

Can't do 3 character searches, so my attempts to search for an explanation have not come up with anything.

Can some explain, or point me to a post that explains?

Thanks

 

thank you

 

ok, from the bit of searching I have done, it appears that to use this you either set

/noexecute=AlwaysOn or
/noexecute=OptOut

So, of those who use this, is there a list of legitimate software which fails to operate properly when this is used? I guess I'm looking more for
"Not very much"
or
"Yes, quite a few problems"
rather than titles. Unless there are a few VERY common titles (like firefox of something).

Are there security issues if you use OptOut instead of AlwaysOn?

I'd change the title of the thread if I knew how and had permission.

Thanks some more.

 

I use a great deal of widely different software and problems with DEP have been few and far between,pretty much the only one that comes to mind was a satellite card programmer.

 

In the contrary, Hardware DEP isn't effective with the wmf exploits POC's I have tested.

See... https://www.wilderssecurity.com/showpost.php?p=1560623&postcount=6

 

You are right. Hardware DEP is definitely better than Software DEP. I'm just trying to inform that Hardware DEP didn't stop most of the wmf test POC's I had tested as effective as one would have it as advertised before as a workaround. If it definitely did try to stop most of the buffer overflows, then, that be would be such a wonderful thing. An end to "most" of the malwares as you have said as somewhat the prevalence of those malwares using such exploits to those vulnerabilities.

If we translate that to realworld, Hardware DEP, was only able to block only a few of them and not so much and definitely not all. But still useful, as I myself have it enabled on all of my system and it will catch a few once in a while.

On your question, that's always a possibility. And the only people who can shed light are the experts or the POC authors themselves.

There's a nifty little freeware called Slipfest which uses buffer overflows to test one's system defences. Unticking the option, "run on stack" will make all buffer overflows undetectable by comodo memory firewall, while all or most of the times a Classical HIPS will be able to detect the endpoint which is "the launching of the calculator". Some testings, Classical HIPS is a failure. For the simple reason, that HIPS are not designed to intercept the actual buffer overflows. While Hardware DEP didn't even give any notice or interception. Not even one and, thus, end up as a complete failure in all of the testings with Slipfest.