Firewall, DEP and Windows XP SP2 Support

While running Windows XP Service Pack 2 some firewalls have problems with the DEP function (Data Execution Prevention) and the manufactures asked to disable it for their own product.

You can see your DEP configurations:

  1. Right click on My Computer icon and select Properties.
  2. Go to Advanced, press Settings buttons in the Performance section.
  3. Go to Data Execution Prevention and check if you have DEP turned on for all programs or only for system applications.

Some manufactures, like I said above, ask to “Add” their application on the exclusion list and boot.

I have to issues:

  1. Does your firewall works with DEP allowed for ‘all’ programs? Which is your firewall?

  2. Does avast work at the same conditions? (DEP allowed)

DEP turned on for essential Windows programs and services only. That was set by default with installation of SP2.

avast! woking great, as well as Outpost Freeware v1.0

No problems at all

Ok Sasha. That will work for most of the users.
The problem occurs when all programs are set to be monitored by DEP :-\

But, you forgot exclusion list… that’s why they put it there… :wink:

Ok, what program should we add to that exclusion lists?
What are we losing when add a program to that list?

Sasha, I’m trying to learn… I don’t have the answers for these questions :-[

Ok, what program should we add to that exclusion lists?

Oh, I don’t know either Technical, but as you wrote in your first post -

Some manufactures, like I said above, ask to “Add” their application on the exclusion list and boot.
- probably, we have to wait for manufacturer's notice and then add their application into that list...
What are we losing when add a program to that list?

Most likely nothing… we used to live without that feature while we were using SP1, rememer ? No one suffered any problems. Of course, it’s a very big plus if all of your programs can work withouth “fighting” with DEP, but again… This is just improvement in SP2, and if your program supports it, then it’s additional plus for you, if not, just add it into exclusion list.

Here is explanation of what DEP really is (Microsoft):

Understanding Data Execution PreventionData Execution Prevention (DEP) helps prevent damage from viruses and other security threats that attack by running (executing) malicious code from memory locations that only Windows and other programs should use. This type of threat causes damage by taking over one or more memory locations in use by a program. Then it spreads and harms other programs, files, and even your e-mail contacts.

Unlike a firewall or antivirus program, DEP does not help prevent harmful programs from being installed on your computer. Instead, it monitors your programs to determine if they use system memory safely. To do this, DEP software works alone or with compatible microprocessors to mark some memory locations as “non-executable”. If a program tries to run code—malicious or not—from a protected location, DEP closes the program and notifies you.

DEP can take advantage of software and hardware support. To use DEP, your computer must be running Microsoft Windows XP Service Pack 2 (SP2) or later, or Windows Server 2003 Service Pack 1 or later. DEP software alone helps protect against certain types of malicious code attacks but to take full advantage of the protection that DEP can offer, your processor must support “execution protection”. This is a hardware-based technology designed to mark memory locations as non-executable. If your processor does not support hardware-based DEP, it’s a good idea to upgrade to a processor that offers execution protection features.

It is safe to run a program again if DEP has closed it, but only if you leave DEP turned on for that program. Windows can continue to detect attempts to execute code from protected memory locations and help prevent attacks. In cases where a program does not run correctly with DEP turned on, you can reduce security risks by getting a DEP-compatible version of the program from the software publisher.

Note:
By default, DEP is only turned on for essential Windows operating system programs and services. To help protect more programs with DEP, select Turn on DEP for all programs and services except those I select.

Cheers !

I’m trying the protection against ‘all’ programs and will post what happens…

Thanks, Sasha 8)