Data Execution Prevention (known on other systems as the NX bit) is a protective measure against buffer overflows. It works by marking privileged areas in memory with the NX marker (No eXecute), which prevents these memory areas from executing code from any account that is not part of the NT_AUTHORITY family of users (and it is nearly impossible to log into these accounts and have them do stuff). This prevents exploits based off of buffer overflows and stack smashing, since the intended code the attacker needs to execute to do whatever will never execute because the OS is instructed at the hardware level to never let it happen. Poorly coded software that isn't malicious can often trigger false positives with this scheme.
The end result is that instead of being exploited, Windows will immediately kill the offending process and notify you of the incident. Under Linux, it will most likely appear as a violation under SELinux, and the front-end application for that will notify you.
[Edited by Neo7, 3/13/2012 7:26:34 AM]
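On Linux, the effect of NX shows up as the per-region permission flags in `/proc/<pid>/maps`, so a process can be audited for memory that is both writable and executable. The following is an added example, not part of the original post: the function names are hypothetical and the sample map lines are constructed, not captured from a real process.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not from a real process). */
static const char *SAMPLE_MAPS =
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo\n"
    "00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/demo\n"
    "01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]\n"
    "7f2c1a000000-7f2c1a021000 rwxp 00000000 00:00 0\n"
    "7ffd3b1e0000-7ffd3b201000 rwxp 00000000 00:00 0 [stack]\n";

enum { REGION_W = 1, REGION_X = 2 };

/* Parse one maps line; return REGION_W/REGION_X bits, or -1 if malformed. */
int region_flags(const char *line)
{
    unsigned long long start, end;
    char perms[5];
    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3 ||
        strlen(perms) != 4 || end <= start)
        return -1;
    return (perms[1] == 'w' ? REGION_W : 0) | (perms[2] == 'x' ? REGION_X : 0);
}

/* Count regions that are writable AND executable; flag an executable stack. */
int count_wx_regions(const char *maps, int *stack_exec)
{
    int count = 0;
    *stack_exec = 0;
    while (*maps) {
        char line[256];
        size_t len = strcspn(maps, "\n");
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, maps, n);
        line[n] = '\0';
        int f = region_flags(line);
        if (f >= 0 && (f & REGION_W) && (f & REGION_X))
            count++;
        if (f >= 0 && (f & REGION_X) && strstr(line, "[stack]"))
            *stack_exec = 1;
        maps += len + (maps[len] == '\n');
    }
    return count;
}

int main(void)
{
    int stack_exec;
    int wx = count_wx_regions(SAMPLE_MAPS, &stack_exec);
    printf("W+X regions: %d, executable stack: %s\n", wx, stack_exec ? "yes" : "no");
    return wx ? 1 : 0;
}
```

To audit a live process, pass the contents of its `/proc/<pid>/maps` file to `count_wx_regions` in place of the sample.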
Thanks for the detailed explanation, that was informative. If you have a good AV program and are very careful with what you allow, would you still need something like this?
Might have to check it out then, thanks. I've never had any problems but you can't be too careful these days.
lol na it's not got issues.