EXECUTE DISABLE BIT

1/22/2005

Execute Disable Bit (EDB) is a capability in some CPUs designed after 2000 that allows areas of memory to be designated as no-execute zones. If execute disable is supported by both the hardware and the operating system, some buffer overflow attacks on computers can be thwarted, namely those in which the buffer overflow is used to insert malicious code onto the program stack. Buffer overflows that are exploited more passively, e.g. by altering a return address or other data words on the stack, will not be prevented by Execute Disable.

Execute Disable is supported by all Intel Itanium CPUs and by some Pentium 4 CPUs starting in mid-2004. Intel has announced that it intends to include Execute Disable in all Pentiums and Celerons by mid-2005. It is also available on AMD and Transmeta CPUs.

Execute disable support was incorporated in Windows 2003 Service Pack 1 and Windows XP Service Pack 2. It is also available in some Linux distributions.
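One way to audit whether a process's memory regions are marked no-execute on Linux, shown as an added example that is not part of the original page: the code parses lines in the /proc/<pid>/maps format and flags regions that are both writable and executable, including the stack. The sample lines, the /bin/demo path and the function names are constructed for illustration; the permission field shows what the operating system assigned, and enforcement still depends on the hardware support described above.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in Linux /proc/<pid>/maps format (not captured output). */
static const char *const SAMPLE_MAPS[] = {
    "00400000-0040b000 r-xp 00000000 08:01 131 /bin/demo",
    "0060b000-0060c000 rw-p 0000b000 08:01 131 /bin/demo",
    "01a00000-01a21000 rw-p 00000000 00:00 0 [heap]",
    "7ffd1000-7ffd3000 rwxp 00000000 00:00 0 [stack]",
};
#define SAMPLE_COUNT (sizeof SAMPLE_MAPS / sizeof SAMPLE_MAPS[0])

/* Copies the 4-character permission field (e.g. "rw-p") into perms.
   Returns 0 on success, -1 if the line is malformed. */
static int parse_perms(const char *line, char perms[5])
{
    unsigned long start, end;
    if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3)
        return -1;
    return (strlen(perms) == 4 && end > start) ? 0 : -1;
}

/* 1 if the region is both writable and executable, 0 if not, -1 on parse error. */
int region_is_wx(const char *line)
{
    char perms[5];
    if (parse_perms(line, perms) != 0)
        return -1;
    return perms[1] == 'w' && perms[2] == 'x';
}

/* 1 if the [stack] mapping is executable, 0 if no-execute, -1 if absent. */
int stack_is_executable(const char *const *lines, size_t n)
{
    char perms[5];
    for (size_t i = 0; i < n; i++)
        if (strstr(lines[i], "[stack]") && parse_perms(lines[i], perms) == 0)
            return perms[2] == 'x';
    return -1;
}

int main(void)
{
    for (size_t i = 0; i < SAMPLE_COUNT; i++)
        if (region_is_wx(SAMPLE_MAPS[i]) == 1)
            printf("W+X region: %s\n", SAMPLE_MAPS[i]);
    printf("stack executable: %d\n", stack_is_executable(SAMPLE_MAPS, SAMPLE_COUNT));
    return 0;
}
```

To audit a live process, feed the functions lines read from /proc/self/maps instead of the constructed sample.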

Copyright 1994-2002 by Donald Kenney.