Turn off Data Execution Prevention for ExplorerID: oval:org.secpod.oval:def:8916 | Date: (C)2013-01-21 (M)2023-05-09 |
Class: COMPLIANCE | Family: windows |
The Turn off Data Execution Prevention for Explorer machine setting should be configured correctly.
This policy setting allows you to turn off the Data Execution Prevention feature for Internet Explorer on Windows Server 2008, Windows Vista SP1 and Windows XP SP3. If you enable this policy setting, Internet Explorer will not opt-in to Data Execution Prevention on platforms that support the SetProcessDEPPolicy API. If you disable or do not configure this policy, Internet Explorer will use the SetProcessDEPPolicy API to turn on Data Execution Prevention protection on platforms that support the API. This policy has no effect if Windows has been configured to enable Data Execution Prevention.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Explorer\Turn off Data Execution Prevention for Explorer
(2) KEY: HKLM\Software\Policies\Microsoft\Windows\Explorer\NoDataExecutionPrevention
Platform: |
Microsoft Windows Server 2008 R2 |