panel, it is not provided to close DEP option, then how to disable? If it is the system before Vista, we can change Boot.ini file, adding “NoExecute=Always0ff” to disable it. However, in Windows Vista, Windows Server 2008 and Windows 7, boot.ini file has already been replaced by Boot Configuration Data (BCD) file. Luckily we can use command line tool provided by Microsoft bcdedit.exe to edit BCD file.
 Under command prompt, run bcedit command without any parameter, then you can see current boot configuration.
Summary: in fact, DEP is a cure for the override problem about Windows system buffer, of which function is to stop malicious software overriding by buffer. Besides, buffer override protection provided by DEP also has some side effect, that is, the applications stopped by DEP usually would be suspended, namely, DEP stops malicious application executing the code, but this situation creates a new opportunity for malicious application to start DOS attack. At last, I want to clarify, although I take Windows 7 as an example for the explanation about DEP, most parts are also proper for Windows Vista and Windows Server 2008. Hope this article could help something to know DEP and understand the security mechanism about Windows system.