DATA EXECUTION PREVENTION: DEP
Description: Data Execution Prevention, commonly known as DEP, is Microsoft’s software implementation that takes advantage of hardware NX or XD support. This functionality marks physical memory locations as being used for executable or non-executable code. If a piece of code is attempted to execute from a memory location that is marked as No-Execute, DEP will step in and prevent this by crashing the application. By default, Windows operates under the following settings:
|Type of OS||Boot.ini Setting||Meaning|
|Server||Optout||All applications and services are monitored|
|Client||Optin||Only Microsoft applications and services are monitored|
Scoping the Issue: When an application crashes due to DEP, you will see a dialog box titled Data Execution Prevention that says Windows has closed the program to protect your computer. If the application is one that you trust, you can add it to the DEP exclusion list under system Performance Options. Limited DEP options are also available for configuration within the registry or from the Application Compatibility Toolkit.
Data Gathering: In all instances, collecting either MPS Reports with the General, Internet and Networking, Business Networks and Server Components diagnostics, or a Performance-oriented MSDT manifest must be done. In addition, back up and export the following registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\AppCompatFlags\Layers and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\AppCompatFlags\Layers
Troubleshooting / Resolution: If a third-party application is triggering a DEP fault, the vendor of the application should be contacted to debug the application failure. If you are the vendor of a faulting application, it is best to open a case with our Developer Support Group for the product with which the application was written. If a Microsoft process triggers DEP (this should be very rare), then of course we (or the team that owns the faulting component) can investigate as needed.
- AskPerf Blog: To DEP or not to DEP?
- AskPerf Blog: Access Violation? How Dare You!
- Microsoft KB Article 875352: A detailed description of the Data Execution Prevention (DEP) feature in Windows XP SP2, Windows XP Tablet PC Edition 2005 and Windows Server 2003
- Microsoft KB Article 912923: How to determine that hardware DEP is available and configured on your computer