DTOO128 - Project - Data Execution Prevention must be enforced.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Data Execution Prevention (DEP) is a set of hardware and software technologies performing additional checks on memory to help prevent malicious code from running on a system. The primary benefit of DEP is to help prevent code execution from data pages. Enabling this setting, turns off Data Execution Prevention. As a result, malicious code takes advantage of code injection or buffer overflow vulnerabilities possibly exploiting the computer.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Project 2010 -> Security -> Trust Center 'Turn off Data Execution Prevention' to 'Disabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Project_2010_V1R9_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001170, Rule-ID|SV-33925r1_rule, STIG-ID|DTOO128, Vuln-ID|V-26590

Plugin: Windows

Control ID: 406a08ea79d730c44df0b7557a267b8552b10ac665ae55e08e79a3967718d9f1