To confirm that hardware DEP is working in Windows, use one of the following methods.
You can use the Wmic command-line tool to examine the DEP settings. To determine whether hardware-enforced DEP is available, follow these steps:
|
Click Start, click Run, type cmd in the Open box, and then click OK.
|
|
At the command prompt, type the following command, and then press ENTER:
wmic OS Get DataExecutionPrevention_Available
If the output is "TRUE," hardware-enforced DEP is available.
|
To determine the current DEP support policy, follow these steps.
|
Click Start, click Run, type cmd in the Open box, and then click OK.
|
|
At the command prompt, type the following command, and then press ENTER:
wmic OS Get DataExecutionPrevention_SupportPolicy
The value returned will be 0, 1, 2 or 3. This value corresponds to one of the DEP support policies that are described in the following table.
|
DataExecutionPrevention_SupportPolicy property value
|
Policy Level
|
Description
|
2
|
OptIn (default configuration)
|
Only Windows system components and services have DEP applied
|
3
|
OptOut
|
DEP is enabled for all processes. Administrators can manually create a list of specific applications which do not have DEP applied
|
1
|
AlwaysOn
|
DEP is enabled for all processes
|
0
|
AlwaysOff
|
DEP is not enabled for any processes
|
Note To verify that Windows is running with hardware DEP enabled, examine the DataExecutionPrevention_Drivers property of the Win32_OperatingSystem class. In some system configurations, hardware DEP may be disabled by using the /nopae or /execute switches in the Boot.ini file. To examine this property, type the following command at a command prompt:
wmic OS Get DataExecutionPrevention_Drivers
Output sample on my PC: