View Single Post
  #10  
Old October 14th 18, 10:45 PM posted to alt.windows7.general
Jeff Barnett[_2_]
external usenet poster
 
Posts: 298
Default Data Execution Prevention (DEP)

Mayayana wrote on 10/14/2018 3:14 PM:
"Brian Gregory" wrote

| I disagree that DEP addresses a minor security issue.
|
| Without DEP many buffer overflow exploits are trivial to exploit

Yes. Which is what I said. So if you allow script in
your browser routinely you could be at slight risk. If
you allow iframes and cross-site scripting you're at
more risk. If you don't block major ad servers the risk
is still higher. Enabling DEP for your browser would
be a good idea and shouldn't have any down side.

But why would you need it enabled for other software?
Anything running on your computer is already allowed
to execute without needing to exploit a vulnerability.
So why not only enable DEP for your browser, and maybe
your email program, if you're worried about it? I'm just
trying to put it in perspective. Risks have contexts.


I believe that if DEP is enabled you may opt out various programs but
there is no way to turn it off except for programs opted in.
--
Jeff Barnett


Ads