Article ID: 889741 - View products that this article applies to.
Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.
This article is Part 7 of the Windows XP Service Pack 2 - Step by Step guide. This article describes how to protect against buffer overflows in Microsoft Windows XP Service Pack 2 (SP2).
To view the other articles in the Windows XP Service Pack 2 - Step by Step guide, see the Microsoft Knowledge Base articles that are listed in the "References" section.
The Windows XP Service Pack 2 - Step by Step guide includes the following topics:
Part 1: Better security with Service Pack 2 Part 2: Installing Service Pack 2 Part 3: The new Security Center Part 4: Automatic Updates Part 5: Virus protection Part 6: Windows Firewall Part 7: Protecting against buffer overflows Part 8: Improvements in Internet Explorer and Outlook Express Part 9: Uninstalling Service Pack 2
Part 7: Protecting against buffer overflowsBuffer overflows are one of the most notorious forms of attack from the Internet. They rely on the simple fact that programmers may make errors when reserving disk space for variables.
This means, for example, that a user may subsequently enter data that contains many more characters than originally designated. The surrounding memory that has nothing to do with the variable may also be affected. Most of the time, the program will stop responding. However, an attacker may also exploit this vulnerability to gain control over the computer.
Collapse this imageExpand this image
How does a buffer overflow work?To correctly understand how a buffer overflow works, you will require some technical knowledge.
A computer has random access memory (RAM) that is shared by all programs. To make memory management easier, Windows XP SP2 has a feature that controls which segments of RAM are currently being used. If a program is started, free memory is allocated to that program.
This memory is divided into three segments:
What does Data Execution Prevention do?Data Execution Prevention (DEP) monitors programs to verify whether they are using system memory securely. To do this, DEP software, either alone or with compatible microprocessors, marks memory locations as "non-executable." If an program tries to run a code (malicious or not) from one of these protected locations, DEP closes the program and notifies you by sending a warning message.
After you install Windows XP SP2, DEP is only enabled for necessary operating system programs and services because not all software programs run smoothly with DEP. To enhance security, you can turn on DEP for all programs and then define exceptions for individual programs and services.
How to enable DEP for all programs
Defining exceptionsIf certain programs cause problems, define them as exceptions. To do this, follow these steps:
To disable Data Execution PreventionWarning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
If the computer experiences problems with DEP, you can disable this function. To do this, you must modify the Boot.ini file as follows:
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
875352For more information about the other topics in the Windows XP Service Pack 2 - Step by Step guide, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/875352/ )A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
889735This article is a translation from German. Any subsequent changes or additions to the original German article may not be reflected in this translation. The information that is contained in this article is based on the German-language versions of this product. The accuracy of this information relative to other language versions of this product is not tested within the framework of this translation. Microsoft makes this information available without warranty of its accuracy or functionality and without warranty of the completeness or accuracy of the translation.
(http://support.microsoft.com/kb/889735/EN-US/ )Windows XP Service Pack 2 (Part 1)
(http://support.microsoft.com/kb/889736/EN-US/ )Installing Service Pack 2 (Part 2)
(http://support.microsoft.com/kb/889737/EN-US/ )The new Security Center (Part 3)
(http://support.microsoft.com/kb/889738/EN-US/ )Automatic Updates (Part 4)
(http://support.microsoft.com/kb/889739/EN-US/ )Virus protection (Part 5)
(http://support.microsoft.com/kb/889741/EN-US/ )Windows Firewall (Part 7)
(http://support.microsoft.com/kb/889742/EN-US/ )Improvements in Internet Explorer and Outlook Express (Part 8)
(http://support.microsoft.com/kb/889743/EN-US/ )Uninstalling Service Pack 2 (Part 9)
Article ID: 889741 - Last Review: February 6, 2007 - Revision: 1.5