Data Execution Prevention

Data Execution Prevention (DEP) is a Microsoft security feature that monitors and protects certain pages or regions of memory, preventing them from executing (usually malicious) code.

When DEP is enabled, all data regions are marked as non-executable by default.

When DEP is disabled, vulnerabilities such as buffer overruns can leave your code exposed to an injection of malicious code within these regions that can then be executed. For a more detailed explanation of DEP, visit the Microsoft Support site (, where you can find various articles on how it works, and how to enable and disable it on a number of platform and applications.

From version 10.0.0 onwards, the ACUCOBOL-GT runtime and acuthin client has DEP enabled. This should not generally cause any adverse effects, but where it might cause problems is when attempting to run ActiveX controls that were designed prior to the introduction of DEP; the effect is that they will most likely produce a memory access violation exception, which if not handled, will crash the application.

To enable you to continue to use these ActiveX controls, we have supplied a runtime and a thin client that allows you to run your applications with DEP disabled. However, be aware that using these executables exposes the risks mentioned above.

Note: If your application utilizes the ACUCOBOL-GT web runtime, then control of DEP is governed by its containing Microsoft technologies (such as Internet Explorer). Refer to the third-party documentation for controlling DEP in that product.