As a hardware capability of modern processors this addition is important, but its use depends entirely upon support from the operating system. So when Microsoft introduced support for this into their operating systems, they termed it Hardware DEP for Data Execution Prevention. Support for hardware DEP was introduced into the 32-bit versions of Windows XP with Service Pack 2, into Windows 2003 Server with Service Pack 1, and has always been present in windows vista.
When hardware DEP support is active, an XD/NX-aware operating system running on an XD/NX-capable and enabled processor will mark all memory regions not explicitly containing executable code as non-executable. This protects the system's “heaps”, “stacks”, data and communications buffers from inadvertently running any executable code they might contain.
Why would data or communications buffers ever contain executable code? . . . because so-called “Buffer Overrun” attacks are the predominant way Internet-connected computers have historically been remotely hacked and compromised. Hackers locate obscure software vulnerabilities which allow them to “overrun” the buffers with their own data. This tricks the computer into executing the hacker's supplied data (which is actually code) contained within that buffer. But if the operating system has marked that Internet communications buffer region of memory as only being valid for containing data and NOT code, the hacker's attack will never get started. Instead, the operating system will display a notice to the user that the vulnerable program is being terminated BEFORE any of the hacker's code has the chance to run.
64-bit-capable processors have the ability to run the 64-bit versions of Microsoft's substantially more secure XP, Windows 2003, and Vista operating systems. Those operating systems are more secure because Microsoft, having learned many lessons from mistakes in the past, made the firm decision to lock-down their 64-bit OS kernels. The 64-bit Windows kernels actively police themselves to guard against many rootkit-style and other kernel attacks that have caused so many problems for users of the 32-bit Windows operating systems.
hardware support for virtual machine technology introduces the possibility of creating a “hypervisor” to operate at a hardware-enforced level below the operating system “supervisor” which opens many exciting possibilities for further enhancing the system's security
SecurAble includes a built-in “kernel-mode module” that empowers it to determine with enhanced accuracy which features of the processor may be present, and whether any features have been disabled or “suppressed” by previous actions of the system's BIOS or operating system.
Intel and AMD processors provide the means for “masking” the presence of their XD and NX capabilities from application code running in “user-mode.” But the operating system is always able to determine the truth. Since application software can be misled into believing that processor features are not present
