16
Frequently Asked Questions
What is XD?
Execute Disable Bit (XD) functionality can prevent certain types of buffer overflow attacks when
used with a supporting operating system and system BIOS. XD allows the processor to classify
areas in memory where application code can and cannot execute. When a virus or worm
attempts to insert code in the buffer, the processor disables code execution, preventing damage
or virus or worm propagation.
This feature works with Microsoft's Data Execution Prevention software to help prevent execution
of malicious software such as a virus or a worm. The user benefits from increased network
security as the malicious code cannot propagate or spread to infect more computers. Support
staff also benefits from much improved containment and easier eradication of unwanted
software.
What is NX?
NX is the term AMD uses for XD.
What is DEP?
Data Execution Prevention (DEP) is the terminology Microsoft uses for XD and NX. In Windows XP
Service Pack 2 (SP2), Microsoft introduced DEP, which is a processor feature that prevents
execution of code in memory that is marked as data storage. This limits the “attack surface”,
specifically for buffer overrun vulnerabilities, where an attacker typically overruns a buffer with
code and then executes this code. Unlike a firewall or antivirus program, DEP does not help
prevent harmful programs from being installed on your computer. Instead, it monitors your
programs to determine whether they use system memory safely.
Windows XP SP2 uses two types of DEP:
• Hardware-enforced DEP - Hardware-enforced DEP provides data protection with hard-
ware (processor) support, requiring use of Windows XP SP2 and a processor that sup-
ports XD/NX.
• Software-enforced DEP - Software-enforced DEP is an additional set of DEP security
checks built into Windows XP SP2 that can be used with any processor that supports
Windows XP SP2. Software-enforced DEP is a more limited form of protection for the
exception handling mechanisms in Windows. It is used when hardware-enforced DEP is
not available, usually because the processor does not support XD or is disabled in BIOS.
Do they work together or individually?
XD/NX works in conjunction with Microsoft's Data Execution Prevention (DEP) software to help
prevent malicious software such as a virus or a worm from executing. The user benefits from
increased network security as the malicious code cannot propagate or spread to infect more
machines. Support staff also benefit from much improved containment and easier eradication of
unwanted software.
How is XD different from NX?
XD and NX are functionally the same, but they use different hardware implementations.
