Execute Disable Bit

Why Trust Techopedia

What Does Execute Disable Bit Mean?

An execute disable bit is an Intel hardware-based security component used in the central processing unit (CPU) to separate areas of a memory as storage of processor instructions or as storage of data. EDB classifies areas in memory where a code can execute or not execute. It is a basic input/output system (BIOS) feature, which if enabled reduces a computer system’s, or a server’s, vulnerability to viruses and malicious code attacks. Thus, EDB prevents these harmful viruses and malicious software from executing and spreading on a server or network.

EDB is also abbreviated as XDB. Intel markets EDB feature as XD bit. The EDB feature is only available in the most-up-to-date versions of Intel processors, but not all operating systems (OSs) support it.

This term is also known as NX-bit, the name used by Advanced Micro Devices (AMD).

Advertisements

Techopedia Explains Execute Disable Bit

Viruses and malicious codes, such as worms and malware, can try to use a buffer overrun method to get unauthorized access to protected system resources. The buffer overrun method targets programs accepting input data from untrusted sources. It stores the data in memory without verifying the length of the stored data. For example, a malware provides very long text, or a payload, as input data to a program containing malicious executable codes. When stored in the memory area, the payload changes how control is transferred in different parts of the program. Thus, the program transfers control to the malicious code stored in the payload. If EDB is disabled, the CPU will not restrict the malicious code execution in the memory area. It is recommended that EDB be enabled in the BIOS. Then the CPU will prevent execution of code in data only memory pages. Enabling EDB will increase protection against buffer overflow attacks.

As mentioned, EDB is only available in newer versions of Intel processors, but not all OSs support it. The following are the known current OSs that supports EDB:

  • Microsoft Windows Server 2003 with Service Pack 1

  • Microsoft XP with Service Pack 2

  • Microsoft Windows XP Tablet PC Edition 2005

  • SUSE Linux 9.2

  • Red Hat Enterprise Linux 3 Update 3

Enabling EDB helps businesses and individuals reduce costs on virus related repairs. It will also reduce the propagation of these malicious codes in a network and probably across the Internet.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.