Zero Day exploit being used to infect PCs

Yes it is, but only for essential Windows programs and services … :wink:

Yes, I was referring to the universal application of DEP (the OptOut and AlwaysOn settings), which are the ones SP2 users need to change to in order to prevent the VML exploit from working.

OK, I see, Frank. I thought you meant it wasn’t turned on at all in SP2.

I turned DEP on for all software (I don’t have hardware DEP either) and I ran a couple of scans with Ad-Aware, but it seems to run just fine here. In fact everything seems to work OK, but I will run some more programs and see if I encounter any problems.


http://img225.imageshack.us/img225/1467/depxb9.th.jpg

Hopefully it will be a rare problem:

The majority of applications will not encounter a problem with DEP. However, when an application does encounter a problem with DEP, a Data Execution Prevention message is presented to the user, alerting them to the problem.

http://technet2.microsoft.com/WindowsServer/en/library/b0de1052-4101-44c3-a294-4da1bd1ef2271033.mspx?mfr=true

OK thanks for the link :wink:

I notice when using the OptOut setting (I tried AlwaysOn before) there is a tick box for Ad-Aware, so I guess the conflict with DEP must be a known issue.

http://www.geocities.com/dontsurfinthenude/optout.jpg

I notice there’s also a tick box for Windows Explorer: I wonder if that also will conflict with DEP?

I’ll leave it unticked for a while and see what happens. :stuck_out_tongue:

Interesting, I have none of those programs on the list … Perhaps they appear there if they conflicted with DEP in the past?

I’ve never had system wide DEP enabled before! ???

Not a single box on my end either, and DEP is enabled for all programs on my machine since like forever:


http://img91.imageshack.us/img91/7718/untitled1ls6.th.jpg

Hey SZC… mine has been checked just the opposite since day one on this laptop (Turn on DEP for essential Windows programs and services only), and what is the best way to go? Everything runs fine as is and I really hate to change anything ???

I wish to see a list of ‘problematic’ applications with DEP.
I have, like Sasha, DEP allowed for every application. No delays, no problems.
Why do some people have to make exceptions? What exceptions are needed?
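As an added example that is not from any post in this thread: a PowerShell audit of the local machine that reports which DEP policy is in force (the OptIn/OptOut/AlwaysOn settings discussed above), whether hardware DEP is available, and which per-application exceptions exist, i.e. the tick boxes Frank mentions. It assumes Windows PowerShell 3.0 or later on a Windows host, reads the Win32_OperatingSystem WMI class, and assumes the exception list is stored under the AppCompatFlags\Layers registry keys as values named after the executable with data containing "DisableNXShowUI".

```powershell
# Added example (not from the thread): audit DEP policy and per-application exceptions.
# Assumption: Windows PowerShell 3.0+ on Windows; exceptions live in AppCompatFlags\Layers
# (HKLM = machine-wide, HKCU = current user) as "<exe path>" = "... DisableNXShowUI ...".

$os = Get-CimInstance -ClassName Win32_OperatingSystem

# Codes used by Win32_OperatingSystem.DataExecutionPrevention_SupportPolicy.
$policyNames = @{
    0 = 'AlwaysOff'
    1 = 'AlwaysOn'
    2 = 'OptIn  (essential Windows programs and services only)'
    3 = 'OptOut (all programs and services except those listed)'
}
$policyCode = [int]$os.DataExecutionPrevention_SupportPolicy

[PSCustomObject]@{
    HardwareDepAvailable  = $os.DataExecutionPrevention_Available
    DepAppliedTo32BitApps = $os.DataExecutionPrevention_32BitApplications
    DepAppliedToDrivers   = $os.DataExecutionPrevention_Drivers
    Policy                = $policyNames[$policyCode]
} | Format-List

# Collect the per-application exceptions from both hives.
$layerKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers',
    'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'
)
$exceptions = foreach ($key in $layerKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-ItemProperty -Path $key
    foreach ($prop in $item.PSObject.Properties) {
        # Skip the PSPath/PSParentPath/... metadata PowerShell adds to the object.
        if ($prop.Name -like 'PS*') { continue }
        if ("$($prop.Value)" -match 'DisableNXShowUI') {
            [PSCustomObject]@{
                Hive       = $key.Split(':')[0]
                Executable = $prop.Name
                StillExists = Test-Path -LiteralPath $prop.Name   # stale entries are harmless but worth pruning
            }
        }
    }
}

# Only OptOut or AlwaysOn covers every program, which is what the thread recommends against the VML exploit.
if ($policyCode -ne 1 -and $policyCode -ne 3) {
    Write-Warning "DEP policy is '$($policyNames[$policyCode])': non-Windows programs are not protected."
}
if ($exceptions) { $exceptions | Format-Table -AutoSize } else { 'No per-application DEP exceptions are configured.' }
```

Run it from an elevated prompt so the HKLM key is readable; each listed executable is one that DEP is switched off for under OptOut.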

It’s amazing. This change, which was brought out in a post by Mastertech, is now apparently the way to go till Patch Tuesday.
Unfortunately, his thread has been deleted due to certain derogatory comments within that thread. Comments not made by him, but that didn’t seem to matter.

Since I’ve not seen him reply to anything in here, guess he’s again been handed a banana. :frowning:

When will we ever learn to live and let live? It’s not necessary to agree with a person to still accept some help from that individual. Personal animosities have no place in a support forum. IMHO

But did you receive any error message?
The simpler solution (just use DEP for essential Windows programs) isn’t necessary if your system works well with the ‘stronger and safer’ option.
Besides this, if any program generates an error, you should see the error message posted by Frank…

Hi Tech,

With older programs, you can get an error, but software DEP can be applied per application. And there are ways around it. But there are holes in DEP (MS has not reacted to the Russian researcher that wrote a tool for that one). But the most important message here is:
“It’s unlikely they will ever reveal how they screwed things up to allow callbacks into data that’s not supposed to be ‘run’, but it’s a certainty they figured out one whale of a hack here.”
polonus

I copy from my other posting:

"There will be malware around that will disable DEP during an attack; actually this malware has been demonstrated, and is around. Could not this mean that DEP actually comes down to DEPressive??? Read this: http://radsoft.net/resources/rants/20051231,01.shtml

Here about the hole in DEP that Russian security found half a year ago:
http://www.tunexp.com/news/windows-story-609.html

Limitations

Unlike similar protection schemes available on other operating systems, DEP provides no address space layout randomization, which may allow return-to-libc attacks that could feasibly be used to disable DEP during an attack.

The possibility has now been demonstrated against Windows hardware-enforced DEP by skape, relying on a return-to-libc style attack. This technique relies on directly pointing the EIP register to the known service-pack-dependent location which applies the OptIn/OptOut mechanism. It is reliant on the boot-time option of OptOut/OptIn being available. If all pages are strictly enforced, then this attack will not succeed. The PaX documentation further elaborates on why ASLR is necessary. It may be possible to develop a successful attack if the address of prepared data such as corrupted images or MP3s can be known by the attacker. (This is already done in QuickTime.)
[source: Wikipedia]

Software conflicts

DEP is occasionally the cause of software problems, usually with older software. It has exposed bugs in the Virtuozzo virtualization software that prevent certain programs from being virtualized correctly. In most cases, these problems may be solved by disabling the DEP features.

As a response to this, DEP can be turned off on a per-application basis, retaining compatibility for older programs. [source: Wikipedia]"

The safest way to go is with hardware DEP. How to do it, you can read here:
http://blogs.zdnet.com/Ou/index.php?p=150

p

Someone (Tech) told me it was your birthday today (9/24/06).

have a good one my friend ;D

Thanks polonus… that’s what I did from the link you posted and advice from a few others here on the forum… when the patch comes out, do we leave it as is or go back to the default (the top one) ???

It’s amazing. This change, which was brought out in a post by Mastertech, is now apparently the way to go till Patch Tuesday.

Bob, if you take a look at page 1 of this thread you’ll see I’d already posted information about how DEP can be used to block the exploit:

http://forum.avast.com/index.php?topic=23646.msg195274#msg195274

Unfortunately, his thread has been deleted due to certain derogatory comments within that thread. Comments not made by him, but that didn’t seem to matter.

It was nothing to do with the nature of the comments posted of course. This guy has a reputation for this sort of thing all over the internet but when he posts here it’s never his fault that threads get deleted, but because of comments made by other forum members?

If somebody comes here to troll and threads get deleted, let’s place the blame where the blame belongs- with the troll.

It was nothing to do with the nature of the comments posted of course. This guy has a reputation for this sort of thing all over the internet but when he posts here it’s never his fault that threads get deleted, but because of comments made by other forum members?
You’re entitled to your opinions.

The forum administrators clearly said that the posts were deleted for trolling. Not my opinion at all.

Thanks FWF. Appreciate all the information you have posted concerning this latest threat.