NX Technology
Common Options : Enabled, Disabled
NX Technology : A Quick Review
The NX Technology BIOS feature is actually a toggle for the processor’s No Execute feature.
In fact, the acronym NX is short for No Execute and is specific to AMD’s implementation. Intel’s implementation is called XD, short for Execute Disable.
When enabled, the processor prevents the execution of code in data-only memory pages. This provides some protection against buffer overflow attacks.
When disabled, the processor will not restrict code execution in any memory area. This makes the processor more vulnerable to buffer overflow attacks.
It is highly recommended that you enable the NX Technology BIOS feature for increased protection against buffer overflow attacks.
However, please note that the No Execute feature is a hardware feature present only in the AMD64 family of processors. Older AMD processor do not support the No Execute feature. With such processors, this BIOS feature has no effect.
In addition, you must use an operating system that supports the No Execute feature. Currently, that includes the following operating systems :
- Microsoft Windows Server 2003 with Service Pack 1, or newer
- Microsoft Windows XP with Service Pack 2, or newer
- Microsoft Windows XP Tablet PC Edition 2005, or newer
- SUSE Linux 9.2, or newer
- Red Hat Enterprise Linux 3 Update 3, or newer
Incidentally, some applications and device drivers attempt to execute code from the kernel stack for improved performance. This will cause a page-fault error if No Execute is enabled. In such cases, you will need to disable this BIOS feature.
NX Technology : The Full Details
Buffer overflow attacks are a major threat to networked computers. For example, a worm may infect a computer and flood the processor with code, bringing the system down to a halt. The worm will also propagate throughout the network, paralyzing each and every system it infects.
Due to the prevalence of such attacks, AMD added a feature called No Execute page protection, also known as Enhanced Virus Protection (EVP) to the AMD64 processors. This feature is designed to protect the computer against certain buffer overflow attacks.
Processors that come with this feature can restrict memory areas in which application code can be executed. When paired with an operating system that supports the No Execute feature, the processor adds a new attribute bit (the No Execute bit) in the paging structures used for address translation.
If the No Execute bit of a memory page is set to 1, that page can only be used to store data. It will not be used to store executable code. But if the No Execute bit of a memory page is set to 0, that page can be used to store data or executable code.
The processor will henceforth check the No Execute bit whenever it executes code. It will not execute code in a memory page with the No Execute bit set to 1. Any attempt to execute code in such a protected memory page will result in a page-fault exception.
So, if a worm or virus inserts code into the buffer, the processor prevents the code from being executed and the attack fails. This also prevents the worm or virus from propagating to other computers on the network.
The NX technology BIOS feature is actually a toggle for the processor’s No Execute feature. In fact, the acronym NX is short for No Execute and is specific to AMD’s implementation. Intel’s implementation is called XD, short for Execute Disable.
When enabled, the processor prevents the execution of code in data-only memory pages. This provides some protection against buffer overflow attacks.
When disabled, the processor will not restrict code execution in any memory area. This makes the processor more vulnerable to buffer overflow attacks.
It is highly recommended that you enable the NX Technology BIOS feature for increased protection against buffer overflow attacks.
However, please note that the No Execute feature is a hardware feature present only in the AMD64 family of processors. Older AMD processor do not support the No Execute feature. With such processors, this BIOS feature has no effect.
In addition, you must use an operating system that supports the No Execute feature. Currently, that includes the following operating systems :
- Microsoft Windows Server 2003 with Service Pack 1, or newer
- Microsoft Windows XP with Service Pack 2, or newer
- Microsoft Windows XP Tablet PC Edition 2005, or newer
- SUSE Linux 9.2, or newer
- Red Hat Enterprise Linux 3 Update 3, or newer
Incidentally, some applications and device drivers attempt to execute code from the kernel stack for improved performance. This will cause a page-fault error if No Execute is enabled. In such cases, you will need to disable this BIOS feature.
Recommended Reading
- V-Link Data 2X Support From The Tech ARP BIOS Guide!
- AGPCLK / CPUCLK from The Tech ARP BIOS Guide!
- CPU / DRAM CLK Synch CTL – The Tech ARP BIOS Guide!
- AMD Radeon RX 5500 Series : Everything You Need To Know!
- Cooler Master COSMOS C700P Black Edition Revealed!
- The Tech ARP Mobile GPU Comparison Guide
- IDE Bus Master Support from The Tech ARP BIOS Guide!
- The Acer Predator Thronos Air Gaming Cockpit Revealed!
- Cooler Master MasterBox CM694 Details Revealed!
- CPUID Maximum Value Limit from The Tech ARP BIOS Guide!
- The NVIDIA ACE Design For Creator Laptops Explained!
- Bank Swizzle Mode from The Tech ARP BIOS Guide
- Master Priority Rotation from The Tech ARP BIOS Guide!
- RW Queue Bypass from The Tech ARP BIOS Guide
- AGP Capability from The Tech ARP BIOS Guide
- PCI Clock Synchronization Mode – The Tech ARP BIOS Guide
- The Intel Core Processor Number Guide – What They Mean!
- 10th Gen Intel Comet Lake : 1 Step Forward, 1 Step Back!
- 10th Gen Intel Ice Lake Mobile CPU Features + Specifications!
- The 10th Gen Intel Core Processor Number Guide!
- NVIDIA GeForce RTX SUPER : Everything You Need To Know!
- NVIDIA GeForce RTX 2080 SUPER Founders Edition Review!
- NVIDIA GeForce RTX 2070 SUPER Founders Edition Review!
- NVIDIA GeForce RTX 2060 SUPER Founders Edition Review!
Go Back To > Tech ARP BIOS Guide | Computer | Home
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!