Page from 2010

tempusfugit.ca

EDB - Execute Disable Bit functionality


An Enterprise Security technology from Intel

What Intel say about EDB:

... can help prevent certain classes of malicious buffer overflow attacks when combined with a supporting operating system.


Windows is supposed to use this feature, however, if you search for: "execute disable bit vista" you get mostly references to XP and SP2. If the feature were to one that is widely used you would think that Microsoft would promote its use.

No clear indication whether the Linux kernel can use it.


Below is a screen-shot from an HP Support Forum:

EDB - Execute Disable Bit

Conspiracy theories aside - I think that it is more a case of incompetence on the part of Intel and Insyde (and the computer manufacturers) for not explaining things very well.

EDB - Execute Disable Bit - a screw-up at Insyde?

From another responder to the post:

"..... the recommendation to the industry was to disable the bit. Because of the security issues with "Blue Pill Attacks".......

Like the Intel "Virtualization Technology", the operation of this feature depends on too much "sleeping with the enemy"!

Intel's Processor Identifier software showing EDB capablility on a P7350

Links: