On the way to Microsoft's attack on the new operating system Longhorn, Windows XP was found to have some unreasonable and imperfect mechanisms. So as a transition between the old and new generations of operating systems, the Service Pack 2 patch is directed at the Windows XP navel. SP2 completely broke the "patch" image in the eyes of ordinary people, and the security of Windows XP has added a lot of color. But what about the legendary SP2 compatibility? People who have not experienced SP2 compatibility issues may not be the right thing, but when users who use P4 Prescott/Celeron D processors encounter SP2, the system stalls on the splash screen and cannot be started. The situation; or sometimes some DVD movies in the encoding format can not be played properly, etc., people have turned their doubts to the SP2 eye-catching glory.
I recently used Realmagic Hollywood Plus DVD decoder software, encountered not play, frequent mistakes in the case.
Figure 1
Go to Microsoft's official
technology
support website to ask, it turned out that SP2's DEP is in the ghost.
Data Execution Protection DEP helps protect your computer from viruses and other security threats. Some malware exploits software security vulnerabilities that allow excessive data to be copied to an area of computer memory. This type of vulnerability is commonly referred to as a buffer overflow. Microsoft is working with microprocessor companies to allow Windows to support hardware-enforced execution protection (also known as NX or no execution) features. In this way, when an attacking worm or virus inserts program code into a portion of memory that is marked as containing only data, the application or Windows component will not run the code. Starting with Windows XP Service Pack 2, the 32-bit version of Windows takes advantage of the NX features of the 64-bit AMD and Intel Itanium processor families to protect the software. In other words, the CPU has begun to have anti-virus capabilities. But how do users who do not use these processors enjoy similar treatment? Software DEP technology can be implemented in Windows XP Service Pack 2 to help protect against malicious code.
Right click on "My Computer", click "Properties", open the system control panel, click "Advanced" → "Performance" → "Settings" → "Data Execution Protection", the system defaults only to Windows internal Programs and services enable DEP. All programs can be protected by checking "Enable DEP for all programs and services except the selected programs below". Figure 2
DEP is enabled but will also have some disadvantages, summed up in three points:
1. and the old version of the driver (including decoding software mentioned above) conflict, because the old version Driving some instructions is somewhat similar to malicious code. At this time, just click "Add" in the data execution protection dialog box, and add a program that does not need to perform protection to call the old version of the driver.
2. After you add the program to the DEP will reduce the performance of the program.
There may be security holes in the DEP itself. The Moscow security company Positive TechnologIEs disclosed two vulnerabilities in DEP. The company developed a small patch: PTmsHORP (download address: http://www.maxpatrol.com/ptmshorp.ASP
). After running, you can patch the DEP of all programs.
Figure 3
[Summary] While protecting the computer from malicious code, DEP also has its own shortcomings. But overall, DEP breaks the myth that the buffer overflow vulnerability can't be remedied, with the cooperation of processor vendors. Will inevitably lead the trend of the operating system.