OK, what program should we add to that exclusion list?
Oh, I don’t know either Technical, but as you wrote in your first post -
Some manufacturers, like I said above, ask to “Add” their application on the exclusion list and boot.
- probably, we have to wait for manufacturer's notice and then add their application into that list...
What are we losing when we add a program to that list?
Most likely nothing… we used to live without that feature while we were using SP1, remember? No one suffered any problems. Of course, it’s a very big plus if all of your programs can work without “fighting” with DEP, but again… This is just an improvement in SP2, and if your program supports it, then it’s an additional plus for you, if not, just add it into the exclusion list.
Here is an explanation of what DEP really is (Microsoft):
Understanding Data Execution Prevention
Data Execution Prevention (DEP) helps prevent damage from viruses and other security threats that attack by running (executing) malicious code from memory locations that only Windows and other programs should use. This type of threat causes damage by taking over one or more memory locations in use by a program. Then it spreads and harms other programs, files, and even your e-mail contacts.
Unlike a firewall or antivirus program, DEP does not help prevent harmful programs from being installed on your computer. Instead, it monitors your programs to determine if they use system memory safely. To do this, DEP software works alone or with compatible microprocessors to mark some memory locations as “non-executable”. If a program tries to run code—malicious or not—from a protected location, DEP closes the program and notifies you.
DEP can take advantage of software and hardware support. To use DEP, your computer must be running Microsoft Windows XP Service Pack 2 (SP2) or later, or Windows Server 2003 Service Pack 1 or later. DEP software alone helps protect against certain types of malicious code attacks but to take full advantage of the protection that DEP can offer, your processor must support “execution protection”. This is a hardware-based technology designed to mark memory locations as non-executable. If your processor does not support hardware-based DEP, it’s a good idea to upgrade to a processor that offers execution protection features.
It is safe to run a program again if DEP has closed it, but only if you leave DEP turned on for that program. Windows can continue to detect attempts to execute code from protected memory locations and help prevent attacks. In cases where a program does not run correctly with DEP turned on, you can reduce security risks by getting a DEP-compatible version of the program from the software publisher.
Note:
By default, DEP is only turned on for essential Windows operating system programs and services. To help protect more programs with DEP, select Turn on DEP for all programs and services except those I select.
Cheers!
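For reviewing what the exclusion list discussed in this thread actually contains, here is an added example (not part of the original posts or of Microsoft's text). It reads the system-wide DEP policy through WMI and lists the programs opted out of DEP, assuming the opt-outs are stored as `DisableNXShowUI` values under the `AppCompatFlags\Layers` registry key, which is where the System Properties dialog writes them.

```powershell
# Added example: audit the DEP policy and the per-program exclusion list.
# Run in an elevated PowerShell session on the machine being reviewed.

# Meaning of Win32_OperatingSystem.DataExecutionPrevention_SupportPolicy
$policyNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }

$os = Get-CimInstance -ClassName Win32_OperatingSystem
[pscustomobject]@{
    HardwareDepAvailable = $os.DataExecutionPrevention_Available
    Policy               = $policyNames[[int]$os.DataExecutionPrevention_SupportPolicy]
    AppliesTo32BitApps   = $os.DataExecutionPrevention_32BitApplications
    AppliesToDrivers     = $os.DataExecutionPrevention_Drivers
} | Format-List

# Assumption: exclusions added through the DEP dialog are stored here, one
# registry value per program (value name = full path, data = DisableNXShowUI).
$layersKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'

$excluded = @()
if (Test-Path -Path $layersKey) {
    $key = Get-Item -Path $layersKey
    foreach ($name in $key.GetValueNames()) {
        if ([string]$key.GetValue($name) -notmatch 'DisableNXShowUI') { continue }

        $present = Test-Path -LiteralPath $name
        $excluded += [pscustomobject]@{
            Program   = $name
            Exists    = $present
            # An unsigned or missing binary on the list deserves a closer look.
            Signature = if ($present) {
                (Get-AuthenticodeSignature -LiteralPath $name).Status
            } else { 'FileMissing' }
        }
    }
}

if ($excluded.Count -eq 0) {
    'No programs are excluded from DEP.'
} else {
    $excluded | Sort-Object Program | Format-Table -AutoSize
}
```

Entries pointing at files that no longer exist, or at unsigned binaries, are the ones to question first, since each entry removes the non-executable memory protection for that program.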