How to prevent the PAE kernel from loading in Windows Server 2003 with Service Pack 1 and later versions of Windows Server 2003 or in Windows XP with Service Pack 2 and later versions of Windows XP

Article translations Article translations
Article ID: 900524 - View products that this article applies to.
Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.
Expand all | Collapse all

On This Page

INTRODUCTION

This article describes how to prevent the Physical Address Extension (PAE) kernel from loading in Microsoft Windows Server 2003 with Service Pack 1 (SP1) and later versions of Windows Server 2003 or in Microsoft Windows XP with Service Pack 2 (SP2) and later versions of Windows XP.

Note We do not recommend that you disable PAE mode.

We recommend that you disable PAE mode only to work around a hardware issue or to troubleshoot a specific issue that involves PAE or Address Windowing Extensions (AWE). Some features in hardware, such as the security features that are described in this article, depend on the PAE kernel for implementation. Contact your hardware vendor for information that is relevant to a specific model of computer.

More information

In Windows Server 2003 with SP1 and later versions of Windows Server 2003 and in Windows XP with SP2 and later versions of Windows XP, the Data Execution Prevention (DEP) processor features require that the processor run in PAE mode. DEP is a set of hardware and software technologies. These technologies perform additional checks on memory to help prevent malicious code from running on a system.

Starting with Windows XP SP2 and later versions of Windows XP, the 32-bit versions of Windows use one of the following hardware technologies to implement DEP:
  • The no-execute page-protection (NX) processor feature as defined by Advanced Micro Devices.
  • The Execute Disable Bit (XD) feature as defined by Intel.
For more information about the DEP feature, click the following article number to view the article in the Microsoft Knowledge Base:
875352 A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
For more information about the underlying hardware technologies that are used with DEP, contact Advanced Micro Devices or Intel.

Note To support DEP, Windows will automatically load the PAE kernel. You do not have to use the /PAE boot switch in the Boot.ini file.

How to disable PAE mode

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

To troubleshoot a system, you may have to disable PAE mode on a computer where Windows has automatically enabled PAE mode. In this scenario, you can disable PAE mode by editing the Boot.ini file.

Disable PAE mode in Windows Server 2003 with SP1 and later versions of Windows Server 2003

Add the following switches to the Windows Server 2003 Boot.ini file:
/execute /NOPAE
For example, the Boot.ini file may appear as follows:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows Server 2003" /fastdetect /execute /NOPAE

Disable PAE mode in Windows XP with SP2 and later versions of Windows XP

Add the following switches to the Windows XP Boot.ini file:
/noexecute=alwaysoff /NOPAE
For example, the Boot.ini file may appear as follows:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP" /fastdetect /noexecute=alwaysoff /NOPAE


For more information about how to edit the Boot.ini file, click the following article number to view the articles in the Microsoft Knowledge Base:
317526 How to edit the Boot.ini file in Windows Server 2003
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

Properties

Article ID: 900524 - Last Review: June 20, 2014 - Revision: 4.0
Applies to
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
    • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows XP Service Pack 3, when used with:
    • Microsoft Windows XP Professional
    • Microsoft Windows XP Home Edition
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Keywords: 
kbtshoot KB900524

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com