Data Execution Prevention (DEP) is Disabled

info Nessus Plugin ID 24282

Synopsis

Data Execution Prevention protection is disabled.

Description

The remote host is capable of supporting Data Execution Prevention (DEP), either by virtue of a processor that supports the NX bit or through software, using what Microsoft calls Safe Structured Exception Handling (SafeSEH).

The current DEP policy, though, is set to 'Always Off', which prevents it from protecting the host.

Solution

Change the DEP policy on the remote host if desired.

See Also

https://en.wikipedia.org/wiki/Data_Execution_Prevention

Plugin Details

Severity: Info

ID: 24282

File Name: wmi_dep_off.nbin

Version: 1.240

Type: local

Agent: windows

Family: Windows

Published: 2/6/2007

Updated: 11/12/2024

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/WMI/Available