Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
JSI Tip 10036. How can a batch script determine if Hardware DEP is available and configured on my computer?
Jerold Schulman
January 8, 2006
1 Min Read
NOTE: See A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, and Windows XP Tablet PC Edition 2005, and Windows Server 2003.
NOTE: See How to Configure Memory Protection in Windows XP SP2?
Using Wmic.exe, I have scripted DEP.bat to determine if Hardware DEP is available on my computer, and how it is configured.
To use Hardware DEP:
- The computer's processor must support DEP.
- The DEP functionality must be enabled in the BIOS.
- The computer must be running Windows XP SP2 or Windows Server 2003 SP1, or later versions.
- The computer must have Hardware-enforced DEP enabled for programs.
The syntax for using DEP.bat is:
DEP HA SP
Where:
HA is a call directed environment variable that will contain TRUE or FALSE to indicate Hardware DEP.SP is a call directed environment variable that will contain:
SP | Description |
|---|---|
0 | DEP is not enabled for any processes. |
1 | DEP is enabled for all processes. |
2 | DEP is enabled for all processes, but Administrators can exclude specific programs. |
3 | Only operating system components and services use DEP. This is the default. |
DEP.bat contains:
@echo offIf {%2}=={} @echo Syntax: DEP HA SP&goto :EOFsetlocalfor /f "Skip=1 Tokens=*" %%a in ('wmic OS Get DataExecutionPrevention_Available') do ( set HA=%%a)for /f "Skip=1 Tokens=*" %%a in ('wmic OS Get DataExecutionPrevention_SupportPolicy') do ( set SP=%%a)set HA=%HA: =%set SP=%SP: =%endlocal&set %1=%HA%&set %2=%SP%About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
