Microsoft KB Archive/903008

= The Data Execution Prevention tab in System Properties does not show hardware-based DEP support information in x64 or Itanium-based versions of Windows Server 2003 or Windows XP =

Article ID: 903008

Article Last Modified on 10/11/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows Server 2003, Enterprise x64 Edition
 * Microsoft Windows Server 2003, Standard x64 Edition
 * Microsoft Windows XP Professional x64 Edition

-





SYMPTOMS
Consider the following scenario. You are running an x64 or Itanium-based version of Microsoft Windows Server 2003 or Microsoft Windows XP. You click the Data Execution Prevention tab in the Performance Options dialog box. You cannot see that the computer processor or processors support hardware-based Data Execution Prevention (DEP). For example, follow these steps in the 32-bit versions of Windows Server 2003 with Service Pack 1 (SP1) or Windows XP with Service Pack 2 (SP2) to determine whether hardware-based DEP is available on the computer:  Click Start, click Run, type sysdm.cpl in the Open box, and then click OK. Click the Advanced tab, and then click Settings under Performance. Click the Data Execution Prevention tab. If the following conditions are true for the computer, you receive an informational message:  The computer is running one of the following operating systems:  An x64-based version of Microsoft Windows Server 2003 An x64-based version of Microsoft Windows XP An Itanium-based version of Windows Server 2003</li> An Itanium-based version of Windows XP</li></ul>

32-bit version of Windows Server 2003 with SP1 or a 32-bit version of Windows XP with SP2.</li> The computer does not support hardware-based DEP.</li> The computer uses software DEP.</li></ul>

The following informational message appears on the Data Execution Prevention tab:

Your computer’s processor does not support hardware-based DEP. However, Windows can use DEP software to help prevent some types of attacks.

</li></ol>

This symptom occurs even if you use the /noexecute=optin or /noexecute=optout switches in the Boot.ini file of an x64 or Itanium-based version of Windows Server 2003 or Windows XP.

<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section of this article.

<div class="moreinformation_section">

MORE INFORMATION
If hardware-based DEP is not available on the system bootstrap processor, Windows uses software-based DEP only. Windows uses software-based DEP only even though an informational message is not displayed at the bottom of the Data Execution Prevention tab.

If hardware-based DEP is available on the system bootstrap processor, Windows uses hardware-based and software-based DEP. However, an informational message is not displayed at the bottom of the Data Execution Prevention tab.

Windows applies DEP based on the policy level that is specified by the /noexecute switch in the Boot.ini file.

For more information about how Windows Server 2003 determines the availability of hardware-based DEP on multiprocessor systems, click the following article number to view the article in the Microsoft Knowledge Base:

902247 Availability of hardware-based Data Execution Prevention on multiprocessor systems that are running Windows Server 2003 with Service Pack 1

For more information about the DEP feature and Windows Server 2003 with SP1, visit the following Microsoft Web site:

http://technet2.microsoft.com/windowsserver/en/sp1.mspx

For more information about the DEP feature in Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:

875352 A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003

Technical support for Windows x64 editions
Your hardware manufacturer provides technical support and assistance for Microsoft Windows x64 editions. Your hardware manufacturer provides support because a Windows x64 edition was included with your hardware. Your hardware manufacturer might have customized the Windows x64 edition installation with unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware. Microsoft will provide reasonable-effort assistance if you need technical help with your Windows x64 edition. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.

For product information about Microsoft Windows XP Professional x64 Edition, visit the following Microsoft Web site:

http://www.microsoft.com/windowsxp/64bit/default.mspx

For product information about Microsoft Windows Server 2003 x64 editions, visit the following Microsoft Web site:

http://www.microsoft.com/windowsserver2003/64bit/x64/default.mspx

Additional query words: Winx64 Windowsx64 64bit 64-bit

Keywords: kbtshoot KB903008

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.