An execute disable bit is an Intel hardware-based security..." />

An execute disable bit is an Intel hardware-based security..." />


[WEBINAR] Bulletproof: How Today's Business Leaders Stay on Top

Execute Disable Bit (EDB)

Definition - What does Execute Disable Bit (EDB) mean?

An execute disable bit is an Intel hardware-based security component used in the central processing unit (CPU) to separate areas of a memory as storage of processor instructions or as storage of data. EDB classifies areas in memory where a code can execute or not execute. It is a basic input/output system (BIOS) feature, which if enabled reduces a computer system's, or a server’s, vulnerability to viruses and malicious code attacks. Thus, EDB prevents these harmful viruses and malicious software from executing and spreading on a server or network.

EDB is also abbreviated as XDB. Intel markets EDB feature as XD bit. The EDB feature is only available in the most-up-to-date versions of Intel processors, but not all operating systems (OSs) support it.

This term is also known as NX-bit, the name used by Advanced Micro Devices (AMD).

Techopedia explains Execute Disable Bit (EDB)

Viruses and malicious codes, such as worms and malware, can try to use a buffer overrun method to get unauthorized access to protected system resources. The buffer overrun method targets programs accepting input data from untrusted sources. It stores the data in memory without verifying the length of the stored data. For example, a malware provides very long text, or a payload, as input data to a program containing malicious executable codes. When stored in the memory area, the payload changes how control is transferred in different parts of the program. Thus, the program transfers control to the malicious code stored in the payload. If EDB is disabled, the CPU will not restrict the malicious code execution in the memory area. It is recommended that EDB be enabled in the BIOS. Then the CPU will prevent execution of code in data only memory pages. Enabling EDB will increase protection against buffer overflow attacks.

As mentioned, EDB is only available in newer versions of Intel processors, but not all OSs support it. The following are the known current OSs that supports EDB:

  • Microsoft Windows Server 2003 with Service Pack 1

  • Microsoft XP with Service Pack 2

  • Microsoft Windows XP Tablet PC Edition 2005

  • SUSE Linux 9.2

  • Red Hat Enterprise Linux 3 Update 3

Enabling EDB helps businesses and individuals reduce costs on virus related repairs. It will also reduce the propagation of these malicious codes in a network and probably across the Internet.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.