System and Security: Avast Antivirus warning that Data Execution Prevention is turned off.
One of these days, my Avast Antivirus Free did its automatic quick scan and when finished, displayed a message, that I had never got before: Under the category Operating system issues, Avast warned that Data Execution Prevention is turned off and suggested to turn it on now (or more correctly, after rebooting).
No reason to freak out: The message "Malware or other threats could be running in your PC memory" does not mean that Avast had found any viruses when scanning the memory. It's just a warning that the feature is actually off and if it was on, it could help to prevent malware running in memory.
Four questions that we need an answer for:
- What is Data Execution Prevention?
- Should Data Execution Prevention be on or off?
- How can we manually enable/disable Data Execution Prevention?
- Why did Avast Antivirus suddenly display this warning?
Here, how Microsoft Support describes the functionality:
"Data Execution Prevention (DEP) is a technology built into Windows that helps protect you from executable code launching from places it's not supposed to. DEP does that by marking some areas of your PC's memory as being for data only, no executable code or apps will be allowed to run from those areas of memory.
This is designed to make it harder for attacks that try to use buffer overflows, or other techniques, to run their malware from those parts of memory that normally only contain data."
In the article What Is Data Execution Prevention and How Does It Work?
at the MakeUseOf website, you can read:
"A downside of using DEP is that it may sometimes flag programs that rely on Microsoft Windows services [and will thus not work correctly if DEP is on]. You’ll either have to disable DEP or create an exception for the program in your system settings to run such programs. However, this would make the program vulnerable to attacks that could then spread to other programs and files on your computer."
So, the global recommendation: Be sure that DEP is turned on! And instead of disabling it for a program, try to find a DEP-compatible alternative.
On Windows 10 (maybe on other Windows releases, too), you can enable/disable Data Execution Prevention in Windows Security (you can access it from Windows Settings, or by opening it using the "Windows Security" icon in the system tray). Choose App & browser control, and click the Exploit protection settings link. Set DEP on or off, as you want or need.
No idea, why Avast Antivirus suddenly displayed the DEP warning. Is it a functionality only available since the last version? Was DEP turned on before? If it was turned on, how could it have been turned off? And if it wasn't, why didn't it, as it is said that it's turned on by default? Questions without answers (from my part...)!
If you find this text helpful, please, support me and this website by signing my guestbook.