DEP and virus protection

Hello,

I am running Windows 7 x64 and would like to know more about DEP and how it protects against virus/malware and, in particular, RANSOMWARE. If DEP is enabled for all applications and software, will it block ransomware attacks if they get past the virus protection software? I am trying to enforce new data security using any and all Windows 7 features as a first line of defense against these attacks. Your input and expertise is greatly appreciated.

Diz-One

Answer

Data Execution Prevention (DEP) can help protect your computer by monitoring programs to make sure they use system memory safely. If a program tries running (also known as executing) code from memory in an incorrect way, DEP closes the program. The following DEP FAQ page, though created for Vista, also applies to later versions of Windows.

http://windows.microsoft.com/en-US/windows-vista/Data-Execution-Prevention-frequently-asked-questions

The purpose of DEP as stated above is actually to block specific types of attack, known as exploits, not necessarily particular malware. However, your general idea of ensuring that all available Windows security features are enabled to enforce better overall security is good. The more of these settings that are enabled or set at high levels, the less likely that a particular exploit or combination of them might be able to successfully compromise your PC.

Since the primary type of malware you have mentioned is Ransomware, the attacks for these are most often via web browsing, so securing the browser(s) in use on the system should be your largest concern. In fact, removing any alternative 3rd-party browsers which aren't regularly used or fully maintained is the first and most effective thing that can be done. This is because every browser has its own vulnerabilities and security risks that simply add to those that already exist in Internet Explorer and Windows itself, so they must be separately updated and secured on top of what is already required for IE and Windows.

https://www.nsslabs.com/reports/browser-security-comparative-analysis-report-socially-engineered-malware

Next would be to investigate the settings specifics for whatever browser(s) remain, including basic security settings and more advanced items like Enhanced Protected Mode. Note that some of the information in these links is related to operation on Windows 8, so you must read carefully to understand what works with Windows 7.

http://windows.microsoft.com/en-us/windows/change-internet-explorer-security-settings#1TC=windows-7

http://blogs.msdn.com/b/ie/archive/2012/03/14/enhanced-protected-mode.aspx

http://blogs.msdn.com/b/ie/archive/2012/03/12/enhanced-memory-protections-in-ie10.aspx

There are side effects to any of these settings, but these generally trade off increased security for things like the inability to use some badly designed add-ons (e.g. toolbars, etc.) or certain features on a few websites that don't follow good current design practices.

The key question here becomes whether you'd prefer to greatly increase security overall with the potential cost being some possible occasional issues with websites or add-ons which are typically not performing properly anyway and in fact may be either malicious or at least not well designed by current standards?

If, like me, you tend to browse mostly major sites and aren't concerned with a rare hiccup on less popular sites, then this is a relatively easy choice. If you are concerned about others using these systems, give the settings a try on your own system first and then migrate them to others as you learn how strictly they can be configured without affecting these others in ways they may not accept.

Rob

4 people were helped by this reply
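
To see what "DEP enabled for all applications" means on a given machine, the following added example (not part of the original reply) reads the system-wide DEP policy and the per-process DEP state. It assumes PowerShell 2.0 or later in an elevated session; the `DepAudit` namespace is a name chosen here for illustration.

```powershell
# Added example: audit the DEP policy and per-process DEP state on Windows 7+.
# Run from an elevated PowerShell prompt so other users' processes can be opened.
$os     = Get-WmiObject -Class Win32_OperatingSystem
$policy = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$name   = $policy[[int]$os.DataExecutionPrevention_SupportPolicy]

"Hardware DEP available : $($os.DataExecutionPrevention_Available)"
"System DEP policy      : $name"
"DEP for 32-bit apps    : $($os.DataExecutionPrevention_32BitApplications)"
"DEP for drivers        : $($os.DataExecutionPrevention_Drivers)"
if ($name -eq 'OptIn') {
    'OptIn covers Windows system binaries and programs that opt in, not every application.'
}

# P/Invoke wrapper for the documented kernel32 GetProcessDEPPolicy API.
Add-Type -Namespace DepAudit -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool GetProcessDEPPolicy(
    IntPtr hProcess, out uint flags, out bool permanent);
'@

$PROCESS_DEP_ENABLE = 1   # flag bit set when DEP is on for the process

Get-Process | ForEach-Object {
    $flags = [uint32]0
    $permanent = $false
    try {
        $ok = [DepAudit.Native]::GetProcessDEPPolicy($_.Handle, [ref]$flags, [ref]$permanent)
        if ($ok) {
            $state = if ($flags -band $PROCESS_DEP_ENABLE) { 'enabled' } else { 'DISABLED' }
        } else {
            # Expected for 64-bit processes, which always run with DEP.
            $state = 'not reported by API'
        }
    } catch {
        $state = 'could not open process'
    }
    New-Object PSObject -Property @{
        Name = $_.ProcessName; Id = $_.Id; DEP = $state; Permanent = $permanent
    }
} | Sort-Object DEP, Name | Format-Table Name, Id, DEP, Permanent -AutoSize
```

Rows marked `DISABLED` are 32-bit processes running without DEP under the current policy.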


Question Info


Last updated April 19, 2020 Views 701 Applies to: