GetSystemDEPPolicy function (winbase.h)
Gets the data execution prevention (DEP) policy setting for the system.
Syntax
DEP_SYSTEM_POLICY_TYPE GetSystemDEPPolicy();
Return value
This function returns a value of type DEP_SYSTEM_POLICY_TYPE, which can be one of the following values.
| Return code/value | Description |
|---|---|
|
DEP is disabled for all parts of the system, regardless of hardware support for DEP. The processor runs in PAE mode with 32-bit versions of Windows unless PAE is disabled in the boot configuration data. |
|
DEP is enabled for all parts of the system. All processes always run with DEP enabled. DEP cannot be explicitly disabled for selected applications. System compatibility fixes are ignored. |
|
On systems with processors that are capable of hardware-enforced DEP, DEP is automatically enabled only for operating system components. This is the default setting for client versions of Windows. DEP can be explicitly enabled for selected applications or the current process. |
|
DEP is automatically enabled for operating system components and all processes. This is the default setting for Windows Server versions. DEP can be explicitly disabled for selected applications or the current process. System compatibility fixes for DEP are in effect. |
Remarks
The system-wide DEP policy is configured at boot time according to the policy setting in the boot configuration data. To change the system-wide DEP policy setting, use the BCDEdit /set command to set the nx boot entry option.
If the system DEP policy is OptIn or OptOut, DEP can be selectively enabled or disabled for the current process by calling the SetProcessDEPPolicy function. This function works only for 32-bit processes.
A user with administrative privileges can disable DEP for selected applications by using the System Control Panel application. If the system DEP policy is OptOut, DEP is disabled for these applications.
The Application Compatibility Toolkit can be used to create a list of individual applications that are exempt from DEP. If the system DEP policy is OptOut, DEP is automatically disabled for applications on the list.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista with SP1, Windows XP with SP3 [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | winbase.h (include Windows.h) |
| Library | Kernel32.lib |
| DLL | Kernel32.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for