Executable-space protection

The Burroughs 5000 offered hardware support for executable-space protection on its introduction in 1961; that capability remained in its successors until at least 2006.

Executable-space protection helps to prevent certain buffer overflow exploits from succeeding, particularly those that inject and then execute code, as the Sasser and Blaster worms did.

A technology that emulates executable-space protection independently of the architecture works on any processor that lacks hardware support for it.

Some desktop Linux distributions, such as Fedora, Ubuntu and openSUSE, do not enable the HIGHMEM64 option in their default kernels, even though it is required to use the NX bit in 32-bit mode. The reason is that the PAE mode which the NX bit depends on causes boot failures on pre-Pentium Pro processors (including the Pentium MMX) and on Celeron M and Pentium M processors without NX support.

Fedora Core 6 and Ubuntu 9.10 and later provide a kernel-PAE package which supports PAE and NX.

Exec Shield's legacy CPU support approximates NX emulation by tracking the upper code segment limit.

For legacy CPUs without an NX bit, Exec Shield fails to protect pages below the code segment limit: an mprotect() call that marks higher memory, such as the stack, executable will also mark all memory below that limit executable.

Exec Shield checks for two ELF header markings, which dictate whether the stack or heap needs to be executable.

PaX provides two methods of NX bit emulation, called SEGMEXEC and PAGEEXEC.

The SEGMEXEC method imposes a measurable but low overhead, typically less than 1%, which is a constant factor incurred by the virtual memory mirroring used to separate execution accesses from data accesses.

Because this mirroring leaves each task only half of its normal address space, it is not a problem until the task requires access to more than that half, which is rare.

In these cases, PaX falls back to the older, variable-overhead method used by PAGEEXEC to protect pages below the CS limit, which can become quite expensive under certain memory access patterns.

Architectures that have per-page granularity are: alpha, amd64, hppa, i386 (with PAE), powerpc (ibm4xx), sh5, sparc (sun4m, sun4d) and sparc64.

A technology in the OpenBSD operating system, known as W^X, marks writable pages as non-executable by default on processors that support it.

Windows Vista DEP works by marking certain parts of memory as intended to hold only data, which a processor with the NX or XD bit enabled then treats as non-executable.

Windows implements software DEP (without the use of the NX bit) through Microsoft's "Safe Structured Exception Handling" (SafeSEH).

The effect of this protection is that an attacker cannot register an exception handler of their own that they have placed in a data page through unchecked program input.

Windows allows programs to control which pages disallow execution through its API as well as through the section headers in a PE file.
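As an added example (not from the article), a small Python audit that reads a PE image's section headers, in the manner the preceding sentence describes, and reports any section flagged both writable and executable; it also goes slightly beyond the text by reporting whether the optional header's NX_COMPAT bit opts the image into DEP. The PE image it inspects is constructed inside the code for demonstration and is not a loadable binary.

```python
"""Audit a PE image's headers for W^X violations and DEP opt-in (constructed sample, not a real binary)."""
import struct

# Section characteristics flags from the PE/COFF specification
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# Optional-header DllCharacteristics flag: the image declares itself DEP/NX compatible
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100


def audit_pe(data: bytes) -> dict:
    """Return NX opt-in status and the names of sections that are both writable and executable."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]           # e_lfanew points at "PE\0\0"
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = pe_off + 4                                          # 20-byte COFF file header
    nsections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    # DllCharacteristics sits at offset 70 of the optional header in both PE32 and PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    wx = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i                          # section headers follow the optional header
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        chars = struct.unpack_from("<I", data, hdr + 36)[0]    # Characteristics is the last field
        if chars & IMAGE_SCN_MEM_WRITE and chars & IMAGE_SCN_MEM_EXECUTE:
            wx.append(name)
    return {"nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT), "wx_sections": wx}


def build_sample_pe(nx_compat: bool, sections: dict) -> bytes:
    """Construct a minimal PE32 header layout (no code, not loadable) to exercise audit_pe."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # PE signature directly after the DOS header
    opt = bytearray(96)                                        # PE32 optional header without data directories
    struct.pack_into("<H", opt, 0, 0x10B)                      # Magic: PE32
    struct.pack_into("<H", opt, 70, IMAGE_DLLCHARACTERISTICS_NX_COMPAT if nx_compat else 0)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), 0x1000, 0x1000 * (i + 1), 0, 0, 0, 0, 0, 0, flags)
        for i, (name, flags) in enumerate(sections.items()))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


# Constructed sample: a normal code section, a data section, and one section violating W^X
SAMPLE_SECTIONS = {
    b".text": IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE,
    b".data": IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE,
    b".rwx": IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE,
}

if __name__ == "__main__":
    print(audit_pe(build_sample_pe(nx_compat=False, sections=SAMPLE_SECTIONS)))
```

Running the block against the constructed sample reports the `.rwx` section and the missing NX_COMPAT flag; pointing `audit_pe` at the bytes of a real image gives the same report for that binary.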

Even though earlier x86 hardware could not enforce them, both executable and non-executable page settings have been available through these interfaces since the beginning.

Assuming the programmer followed "best practices", applications should continue to work correctly now that NX is actually enforced.