Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…
An execute disable bit is an Intel hardware-based security component used in the central processing unit (CPU) to separate areas of a memory as storage of processor instructions or as storage of data. EDB classifies areas in memory where a code can execute or not execute. It is a basic input/output system (BIOS) feature, which if enabled reduces a computer system’s, or a server’s, vulnerability to viruses and malicious code attacks. Thus, EDB prevents these harmful viruses and malicious software from executing and spreading on a server or network.
EDB is also abbreviated as XDB. Intel markets EDB feature as XD bit. The EDB feature is only available in the most-up-to-date versions of Intel processors, but not all operating systems (OSs) support it.
This term is also known as NX-bit, the name used by Advanced Micro Devices (AMD).
Viruses and malicious codes, such as worms and malware, can try to use a buffer overrun method to get unauthorized access to protected system resources. The buffer overrun method targets programs accepting input data from untrusted sources. It stores the data in memory without verifying the length of the stored data. For example, a malware provides very long text, or a payload, as input data to a program containing malicious executable codes. When stored in the memory area, the payload changes how control is transferred in different parts of the program. Thus, the program transfers control to the malicious code stored in the payload. If EDB is disabled, the CPU will not restrict the malicious code execution in the memory area. It is recommended that EDB be enabled in the BIOS. Then the CPU will prevent execution of code in data only memory pages. Enabling EDB will increase protection against buffer overflow attacks.
As mentioned, EDB is only available in newer versions of Intel processors, but not all OSs support it. The following are the known current OSs that supports EDB:
Microsoft Windows Server 2003 with Service Pack 1
Microsoft XP with Service Pack 2
Microsoft Windows XP Tablet PC Edition 2005
SUSE Linux 9.2
Red Hat Enterprise Linux 3 Update 3
Enabling EDB helps businesses and individuals reduce costs on virus related repairs. It will also reduce the propagation of these malicious codes in a network and probably across the Internet.
Techopedia’s editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.
What is Differential Privacy? Differential privacy is a mathematical framework for determining a quantifiable and adjustable level of privacy protection....
Margaret RouseTechnology Expert
What are Tactics, Techniques, and Procedures (TTPs)? Tactics, techniques, and procedures (TTPs) are the strategic plans, methodologies, and actions an...
What is a Security Posture? Security posture definition refers to the ability an organization has to protect its information technology...
Trending NewsLatest GuidesReviewsTerm of the Day