Data Execution Prevention (DEP) is a useful Windows Vista security feature that can prevent the execution of software in data memory locations and thus help to prevent malicious software from attacking and harming the system. This security tool needs to be configured before it can fully operate. Over time, this feature might also accidentally shut down legitimate processes of valid applications. Users can choose to activate the feature as security measure or disable it for certain reasons. Check out our previous post on how to turn on/off the Data Execution Prevention tool. If you are using others’ computer or for some reason want to verify whether the DEP feature is enabled or disabled, you can do so via the following steps:

Launch an elevated command prompt shell with administrative privileges and credentials. To do so, users need to log on to Windows Vista with a user account with administrator rights. Right click on the Command Prompt icon and select “Run as Administrator”

Execute the following command:

wmic OS Get DataExecutionPrevention_SupportPolicy

Press Enter.

Look at the number display on the screen. The number indicates the DEP status which reads as follows:

  • 0 =AlwaysOff – DEP is disabled for all processes
  • 1 =AlwaysOn – DEP is enabled for all processes
  • 2 =OptIn – DEP is enabled for Windows system components and services (this is the default setting)
  • 3 =OptOut – DEP is enabled for all processes except for those Administrators identified