How to enable processor-based security

PCs operating under Windows operating systems have the same level of protection as those used by high-performance servers. This technology - known under different names for each manufacturer, such as NX (No eXecute), EVP (Enhanced Virus Protection), XD (eXecute Disable) or DEP (Data Execution Protection) - allows The processor itself can detect when there is malicious code (such as virus or Trojan horse) and automatically disable that code. In this short tutorial, we will show you how to enable this feature.

This technology works by creating a separate zone for executing programs and for storing data in the computer's RAM, if a certain code in the area has been set aside for data storage. If it tries to run, the processor will assume that it is malicious and will prevent execution of that code.

You need to be aware that the processor itself does not have the ability to eliminate viruses from computers. If a PC using NX technology is infected with the virus, the processor will warn you (via the operating system) that your computer may be infected and will not allow the virus to work, however You still have to run an antivirus program to remove the virus from your computer and avoid infecting others (for example, when you send email with attachments).

To get this level of security in your computer, you need to have three prerequisites later. The first condition is that your processor must have this security technology. Secondly, your operating system must be able to recognize it and thirdly it must be enabled in the operating system.

Therefore, the first thing to do is check whether your CPU has this technology. This can be done with the help of a hardware identification utility, such as Sandra or Hwinfo .

With Sandra, click on Hardware, Processors and the program will list all the features provided for that CPU. This list will be very long, you must drag the scroll bar to ' Extended Features ' and find the feature ' XD / NX - No-execute Page Execution Protection '. You will see a word ' yes ' next to it if your CPU supports this level of security.

In Figures 1 and 2, we give two examples. The CPU on Figure 1 is an AMD CPU (Athlon 64 3800+) and the CPU on Figure 2 is Intel (Core 2 Extreme X6800). As you can see, the new CPUs from both manufacturers support this technology.

How to enable processor-based security Picture 1
Figure 1: AMD CPU with NX feature

How to enable processor-based security Picture 2
Figure 2: Intel CPU with NX feature

If your CPU does not have this feature, it will not be able to activate this protection feature.

The next step is to configure Windows to allow it to match this feature

Operating system configuration

For operating systems, both Linux and Solaris have adopted this technology in the last few years, but for Windows operating systems, this technology is only available on Windows XP SP 2. So if you If you use Windows XP, you need to upgrade to SP2. You can check if SP2 is installed by clicking on the System icon in Control Panel. If your operating system is SP 2, it will be listed under 'System'. If not, you need to install SP2.

In Windows XP SP2 and Windows Vista, you can check whether NX technology is enabled correctly by clicking the System icon in Control Panel. On the window that appears, click the Advanced tab, as shown in Figure 3.

How to enable processor-based security Picture 3
Figure 3: Advanced system configurations

In this window, click the first Settings button in the ' Performance ' field. The Data Execution Prevention tab will appear on the window that appears. This is where NX technology is configured or not.

How to enable processor-based security Picture 4
Figure 4: Configuring NX technology

As you can see, there are two options: ' Turn on DEP for essential Windows programs and services only ' ( Turn on DEP for necessary Windows programs and services ) and ' Turn on DEP for all programs and services except those I select '( Turn on DEP for all programs and services except the ones you choose ). This means that this technology will only protect the necessary Windows programs and services. With this configuration, NX technology will not protect you against viruses or Trojan Horse if they attack with a certain program.

Therefore, we recommend using the second option, which will work for all programs and services. If in the future you make a mistake - for example, Windows warns that a program that you know is not infected is trying to execute the code in the mapped memory location as the data area. then you can simply enter this window and add that this is a good program in its exclusion list, done by clicking the Add button.

Click OK , restart the computer, then your computer is protected with NX technology. However, as we said, although with this technology, you still have to use an antivirus program and remember to regularly upgrade the program. This is just a feature added to the extended security layer for computers.

4 ★ | 2 Vote

May be interested

  • If you want VLC to consume less battery, just enable Hardware AccelerationIf you want VLC to consume less battery, just enable Hardware Acceleration
    decoding hardware acceleration is much more efficient. with hardware acceleration, the cpu will not interfere with the process of graphics processor (gpu) - designed to speed up the process of decoding (or encoding) a specific video. in short, gpu can solve your problem faster and use less battery.
  • Enable security Click to Play Plugins on all browsersEnable security Click to Play Plugins on all browsers
    click to play feature will prevent the browser from automatically downloading and running unwanted media content, causing discomfort to users, such as promotional videos.
  • How to enable / disable notifications from Windows Security Center in Windows 10How to enable / disable notifications from Windows Security Center in Windows 10
    windows security center sends notifications with important information about your device's health and security. you can specify which windows security center notifications you want to receive.
  • What is Azure Sphere?What is Azure Sphere?
    azure sphere is a high-end application platform, equipped with integrated security and communications features, for internet-connected devices, including an mcu, custom linux-based operating system, and security services. cloud-based security.
  • How to enable Site Isolation security feature on ChromeHow to enable Site Isolation security feature on Chrome
    google released a new version of chrome with a new security feature that separates all websites according to its own process. let's tipsmake.com refer to how to enable site isolation security features on chrome in this article offline!
  • Enable password in BIOSEnable password in BIOS
    you can use tips in the bios to enable extra levels of security, ask for other passwords at startup, access the drive, change bios settings.
  • Trojan 2.0 - Implications of Web 2.0 technologyTrojan 2.0 - Implications of Web 2.0 technology
    finjan malware research center has just released the fourth security risk report. accordingly, measures against traditional malware - signature-based (virus detection based on a database of known malware software) and
  • Learn about Parrot Security OSLearn about Parrot Security OS
    parrot security os is a gnu / linux distribution based on debian, developed by the frozenbox network, focusing on penetration testing, digital investigations, reverse engineering, hacking, cryptography and anonymity.
  • How to enable Enhanced Anti-Spoofing Windows 10?How to enable Enhanced Anti-Spoofing Windows 10?
    enhanced anti-spoofing is a system security feature available on windows 10 computers, with the main function of enhancing system security. after activating this feature, you must use the face detection feature on supported devices to use the computer.
  • SECURITY SECURITY II: Security Policy Account for Computer Security Account PoliciesSECURITY SECURITY II: Security Policy Account for Computer Security Account Policies
    in the previous section i introduced common methods to protect an organization's computer. in the next part, i will present the specific methods in order, from the process of setting up the system, operating the system based on the safety policies from basic to the advance skills that the admin security should care about. to apply to building information security processes for organizations ...