NOTE: See A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, and Windows XP Tablet PC Edition 2005, and Windows Server 2003.

NOTE: See How to Configure Memory Protection in Windows XP SP2?

Using Wmic.exe, I have scripted DEP.bat to determine if Hardware DEP is available on my computer, and how it is configured.

To use Hardware DEP:

- The computer's processor must support DEP.

- The DEP functionality must be enabled in the BIOS.

- The computer must be running Windows XP SP2 or Windows Server 2003 SP1, or later versions.

- The computer must have Hardware-enforced DEP enabled for programs.

The syntax for using DEP.bat is:

DEP HA SP

Where:

<b>HA</b> is a <a href="/article/jsifaq/jsi-tip-5535-how-can-i-cause-a-called-batch-file-to-return-a-call-directed-environment-variable-.aspx">call directed environment variable</a> that will contain <b>TRUE</b> or <b>FALSE</b> to indicate Hardware <b>DEP</b>.

<b>SP</b> is a <a href="/article/jsifaq/jsi-tip-5535-how-can-i-cause-a-called-batch-file-to-return-a-call-directed-environment-variable-.aspx">call directed environment variable</a> that will contain:<p>
</p>
         SP    Description
         0 DEP is not enabled for any processes.
         1 DEP is enabled for all processes.
         2 DEP is enabled for all processes, but Administrators can exclude specific programs.
         3 Only operating system components and services use DEP. This is the default.
DEP.bat contains:
@echo off
If \{%2\}==\{\} @echo Syntax: DEP HA SP&goto :EOF
setlocal
for /f "Skip=1 Tokens=*" %%a in ('wmic OS Get DataExecutionPrevention_Available') do (
 set HA=%%a
)
for /f "Skip=1 Tokens=*" %%a in ('wmic OS Get DataExecutionPrevention_SupportPolicy') do (
 set SP=%%a
)
set HA=%HA: =%
set SP=%SP: =%
endlocal&set %1=%HA%&set %2=%SP%