HP dx6128 Data Execution Prevention - White Paper, 2nd Edition - Page 2

Based upon Microsoft TechNet article “Changes to Functionality in Microsoft's Windows XP Service Pack
2,” dated August 9, 2004, by Starr Anderson & Vincent Abella.
Introduction
Microsoft’s Windows XP Service Pack 2 introduces a set of security technologies that will help improve the
ability of computers running Windows XP to withstand malicious attacks, especially those from viruses
and worms such as Code Red, Blaster and Sasser.
F-Secure Corporation’s Data Security Summary for 2004 reports that there are now in excess of 100,000
recognized viruses, with Sasser being the most recent major epidemic. Released in May 2004, this automatic
network worm quickly spread, and reportedly affected three major banks, an Australian Railroad,
county hospitals in Sweden, and the European Commission in Brussels, to name a few.
Microsoft’s Windows XP Service Pack 2 includes multiple security improvements:
• Network protection
• Memory protection
• Email handling
• Web browsing security
• Computer maintenance
Together, these security technologies help to make it more difficult to attack Windows XP, even if the latest
antivirus updates are not applied.
This paper focuses on the aspect of memory protection and how Data Execution Prevention helps lock
down the ability for malicious code to propagate through the network. However, you should expect some
application behaviors to be incompatible with Data Execution Prevention. Applications that perform
dynamic code generation (such as Just-In-Time code generation) that do not explicitly mark generated
code with Execute permission may have compatibility issues with Data Execution Prevention.
HP recommends that customers test Windows XP Service Pack 2 before wide scale deployment in their
environment.