Data Execution Prevention (DEP) is one of those “fuzzy” things. It is a blessing in most cases when he does his job and does not interfere, but is cursed when he interferes.
Let’s take a look at DEP and how to configure or disable DEP based on your needs.
What is DEP and what does it do?
According to Microsoft DEP:
“… a set of hardware and software technologies that perform additional memory checks to prevent malicious code from running on the system. “
Dell simplifies it a bit and tells us that DEP
” can help protect your computer by monitoring your programs to make sure they are using system memory safely.”
What does it mean? There are certain areas in the computer’s memory that are not intended for executing code, but sometimes the code does execute there.
Usually the code that runs there is malicious. DEP will monitor these areas and, if it sees something happening in these areas, will disable them. If you want to know more about how this works, read the detailed description of Microsoft Data Execution Prevention.
Why is DEP causing problems?
Even today, computers are stupid. They cannot reason, they can only use the most elementary logic. Plus, this logic is put into them by humans, so computers put our errors in them too.
Sometimes good programs go to the areas that DEP tracks and work in those areas.
When this happens, DEP sometimes exits the entire program and notifies you with an error message. But sometimes DEP just makes the program perform very poorly and there is nothing obvious to tell you why.
Which software has issues with DEP?
Programs that conflict with DEP are usually older programs or built on an older code base. Many enterprise resource planning (ERP) programs are built on a code base dating back to the 1970s. There was no DEP then, so the program will go to the areas that DEP patrols.
64-bit programs were created after DEP was well developed, so they were designed with the requirements in mind. Most programs that conflict with DEP will be 32-bit.
Third-party programs that actively interact with Windows services or run native Windows services may be disabled by DEP. In this case, the vendor recommends disabling DEP completely.
For the home user, older 32-bit games and some emulators for playing older games are likely to conflict with DEP.
Older device drivers or drivers downloaded from unofficial sources can also cause DEP errors. Only download drivers from your hardware manufacturer or Microsoft, and update your drivers regularly
How do I know that DEP is the problem?
You may need to go to Event Viewer and view the logs for event ID 1000. If you find it, it might look like this:
Event ID: 1000 – DEP Error: Shared Host for Win32 Services Shared Host Process for Win32 Services – DEP: Application Error
Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
You may see other errors related to things like:
- 0xFC: ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY – Occurs when a device driver tries to run in memory. It could be a bad or outdated driver. You need to update your drivers.
- STATUS_ACCESS_VIOLATION (0xc0000005) – occurs when programs try to run in DEP protected memory space.
How to configure DEP on or off
In Windows 10, DEP defaults to the Enable DEP setting for essential Windows programs and services only. In most cases, this is sufficient. This means that most of your programs will be ignored by DEP.
However, if DEP helps protect your computer and does not hinder performance, you can select Enable DEP for all programs except the ones I have selected. Then, if you find a program that has a DEP problem, we can add it as an exception. Let’s see how to do this.
- Open the control panel, then open the system.
- On the left side of the System window, click Advanced System Settings.
- The System Properties window should open and the Advanced tab should already be installed. In the Performance area, click Settings.
- In the Performance Options window, click the Data Execution Prevention tab.
- In the “Enable DEP” section for all programs except the ones I selected, click the “Add” button at the bottom of the window.
- Browse to the executable of the program we want to add as an exception. It will most likely be in C: / Program Files (x86).
- In this example, we add MediaMonkey, an old music playback utility. Click on the .exe file as soon as we find it and click “Open”.
- Under Performance Options, click Apply. MediaMonkey will now work without DEP protection, while everyone else will work with DEP protection.
Turn off DEP completely
If you want to completely disable DEP, we recommend that you do so only as part of a fix. DEP is here for your protection.
Since this is not advised, there is no good way to do this with a mouse. Let’s see how you can disable DEP.
- Open a command window as administrator. To do this, type cmd in the program search box next to the Start menu.
- Type bcdedit.exe / set {current} nx AlwaysOff and press Enter.
bcdedit.exe is a Windows utility for editing boot configuration data, hence bdcedit.
/ set tells bcedit to set the parameter value entry in the boot configuration.
{current} tells becedit to work with the currently used boot configuration.
nx is short for “do not execute” and is the name of the DEP option in the boot configuration.
AlwaysOff is self-explanatory.
- Restart your computer.
- DEP will now be completely and permanently disabled.
Turn on DEP for everything
To enable DEP for absolutely everything, the process and command is the same as above.
- Open a command window as administrator following the instructions in the above procedure.
- Enter the bcdedit.exe / set {current} nx AlwaysOn command.
- Restart your computer.
- DEP will be enabled and all programs will be monitored.
Once DEP has been enabled or disabled, it CANNOT be changed in the Data Execution Prevention tab in System Settings.
Let’s see how to change it so that the switches on the DEP tab can be used again.
Set DEP back to default behavior
To restore DEP’s default behavior and make it manageable again using system settings, follow these steps.
- Open a command window as administrator.
- Enter the bcdedit.exe / install {current} nx OptIn command.
- Restart your computer.
- The switches on the DEP tab in system settings are now available again.
DEP or not DEP
We recommend that you leave DEP at the default, Enable DEP for core Windows programs and services, unless you need to change it to fix problems that may be related to DEP.
–