heres what M$ has,I am new to xp so
I like info like this
/noexecute
The /noexecute parameter enables Data Execution Prevention (DEP), a set of hardware and software technologies designed to prevent harmful code from running in protected memory locations
/noexecute={alwayson | optout | optin | alwaysoff}
Subparameter
alwayson
Enables DEP for the operating system and all processes, including the Windows kernel and drivers. All attempts to disable DEP are ignored.
optout
Enables DEP for the operating system and all processes, including the Windows kernel and drivers. However, administrators can disable DEP on selected executable files by using System in Control Panel.
optin
Enables DEP only for operating system components, including the Windows kernel and drivers. Adminstrators can enable DEP on selected executable files by using the Application Compatibility Toolkit (ACT).
alwaysoff
Disables DEP. Attempts to enable DEP selectively are ignored. This parameter also disables physical address extension (PAE). To re-enable (PAE), use the /pae parameter.
Comments
Data Execution Prevention (DEP) consists of hardware and software methods. Software-enforced DEP, which protects only user-mode processes, must be supported by the operating system. Hardware-enforced DEP sets a bit in the page table entry that prevents code from being executed from a a virtual memory page that should contain only data. Hardware-enforced DEP must be supported by the operating system and the processor on the computer. If the operating system supports DEP, but the processor does not, only software-enforced DEP is enabled on the system.
DEP (and the /noexecute parameter) are supported on Microsoft Windows XP with Service Pack 2 (SP2), Microsoft Windows 2003 with Service Pack 1 (SP1), and later versions of Windows.
The /noexecute parameter is effective only on 32-bit processes. It enables software-enforced DEP and, if the processor supports DEP, it also enables hardware-enforced DEP. On 64-bit processes, DEP is enabled by default and cannot be disabled (equivalent to /noexecute=alwayson). For these processes, the /noexecute parameter is ignored.
On Windows XP with SP2 and later versions of the Windows client operating system, the default value is /noexecute=optin. On Windows Server 2003 with SP1 and later versions of the Windows Server operating system, the default value is /noexecute=optout.
When DEP is enabled (/noexecute=alwayson | optout | optin) on a computer with a processor that supports hardware-enforced DEP, 32-bit versions of Windows automatically enable physical address extension (PAE) (See /pae). When DEP is disabled, Windows automatically disables PAE. To enable PAE without DEP, the boot options must explicitly enable PAE and disable DEP (/noexecute alwaysoff /pae).
To set the /noexecute=optin or /noexecute=optout policies, or to disable DEP on a particular executable file, use System in Control Panel. Click the Advanced tab, in the Performance section, click Settings, and then click the Data Execution Prevention tab. The options that you set on the tab are effective when you restart the computer.
