HP dx6128 Data Execution Prevention - White Paper, 2nd Edition - Page 16

Frequently Asked Questions


What is XD?
Execute Disable Bit (XD) functionality can prevent certain types of buffer overflow attacks when
used with a supporting operating system and system BIOS. XD allows the processor to classify
areas in memory where application code can and cannot execute. When a virus or worm
attempts to insert code in the buffer, the processor disables code execution, preventing damage
or virus or worm propagation.
This feature works with Microsoft's Data Execution Prevention software to help prevent execution
of malicious software such as a virus or a worm. The user benefits from increased network
security as the malicious code cannot propagate or spread to infect more computers. Support
staff also benefit from much improved containment and easier eradication of unwanted
software.
What is NX?
NX is the term AMD uses for XD.
What is DEP?
Data Execution Prevention (DEP) is the terminology Microsoft uses for XD and NX. In Windows XP
Service Pack 2 (SP2), Microsoft introduced DEP, which is a processor feature that prevents
execution of code in memory that is marked as data storage. This limits the “attack surface”,
specifically for buffer overrun vulnerabilities, where an attacker typically overruns a buffer with
code and then executes this code. Unlike a firewall or antivirus program, DEP does not help
prevent harmful programs from being installed on your computer. Instead, it monitors your
programs to determine whether they use system memory safely.
Windows XP SP2 uses two types of DEP:
• Hardware-enforced DEP - Hardware-enforced DEP provides data protection with hardware
  (processor) support, requiring use of Windows XP SP2 and a processor that supports XD/NX.
• Software-enforced DEP - Software-enforced DEP is an additional set of DEP security checks
  built into Windows XP SP2 that can be used with any processor that supports Windows XP SP2.
  Software-enforced DEP is a more limited form of protection for the exception handling
  mechanisms in Windows. It is used when hardware-enforced DEP is not available, usually
  because the processor does not support XD or the feature has been disabled in the BIOS.
Do they work together or individually?
XD/NX works in conjunction with Microsoft's Data Execution Prevention (DEP) software to help
prevent malicious software such as a virus or a worm from executing. The user benefits from
increased network security as the malicious code cannot propagate or spread to infect more
machines. Support staff also benefit from much improved containment and easier eradication of
unwanted software.
How is XD different from NX?
XD and NX are functionally the same, but they use different hardware implementations.
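The hardware side of this FAQ is easy to see in action. The following C program is an added example, not code from HP's white paper; it assumes a Linux host on x86-64 or AArch64 built with GCC or Clang. It copies the machine code of a tiny function into a freshly mapped page and calls it twice: once while the page is still read/write, where the processor refuses the instruction fetch and the kernel delivers SIGSEGV (the hardware-enforced DEP case), and once after the page has been marked read/execute.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Leaf function with no relocations; its bytes get copied into a data page. */
static int marker(void) { return 42; }

static sigjmp_buf fault_jump;
/* The CPU refused an instruction fetch from a non-executable page. */
static void on_segv(int sig) { (void)sig; siglongjmp(fault_jump, 1); }

/* Copy marker() into a fresh page and call it. make_executable == 0 keeps the
   page read/write (the "data" case DEP guards); 1 makes it read/execute first.
   Returns 42 if the code ran, -1 if the CPU faulted, -2 on mapping errors. */
int try_execute(int make_executable) {
    size_t psize = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, psize, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -2;
    memcpy(page, (const void *)(uintptr_t)marker, 32); /* 32 bytes covers it */
    __builtin___clear_cache((char *)page, (char *)page + 32);
    if (make_executable && mprotect(page, psize, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, psize);
        return -2; /* hardened kernels may refuse anonymous executable memory */
    }
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    int result;
    if (sigsetjmp(fault_jump, 1) == 0)
        result = ((int (*)(void))(uintptr_t)page)(); /* runs only if executable */
    else
        result = -1; /* NX/XD blocked the fetch and SIGSEGV was delivered */
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, psize);
    return result;
}

int main(void) {
    printf("read/write page:   %d (-1 = fetch blocked)\n", try_execute(0));
    printf("read/execute page: %d\n", try_execute(1));
    return 0;
}
```

On Windows the same experiment uses VirtualAlloc/VirtualProtect with PAGE_READWRITE versus PAGE_EXECUTE_READ, and a DEP-enabled process sees the blocked fetch as an access-violation exception.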