I was going over what is new in Windows XP SP2 (due out in May) for work and I came across this little tidbit of info:
Microsoft is working with microprocessor companies to help Windows support hardware-enforced execution protection (also known as NX, or no execute) on microprocessors that contain the feature. Execution protection uses the CPU to mark all memory locations in an application as non-executable unless the location explicitly contains executable code. This way, when an attacking worm or virus inserts program code into a portion of memory marked for data only, an application or Windows component will not run it.
Having this kind of protection in the CPU could solve a whole lot of problems with this kind of exploit, although I have no idea how someone would mark an area of memory as executable code vs. a data block, and can that flag be reset?
Currently only the AMD Athlon64 and some Intel Itanium series processors seem to carry this feature.
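On the question of how memory is marked as code or data and whether the flag can change, here is an added example (not from the original post or from Microsoft): the marking is a per-page protection attribute that the operating system sets when a program asks for memory, and the program can ask the OS to change it later. The sketch assumes Linux with POSIX `mmap`/`mprotect` so it is easy to run; on Windows the corresponding calls are `VirtualAlloc` and `VirtualProtect` with protections such as `PAGE_READWRITE` and `PAGE_EXECUTE_READ`. The function names `page_perms` and `demo_nx_flag` are made up for this illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* for MAP_ANONYMOUS under strict -std= */
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Assumption: Linux. Find the mapping that contains addr in /proc/self/maps
 * and copy its permission string (e.g. "rw-p") into out. 0 on success. */
static int page_perms(const void *addr, char out[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi;
    int rc = -1;
    if (!f) return -1;
    while (rc != 0 && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 &&
            (uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            strcpy(out, perms);
            rc = 0;
        }
    }
    fclose(f);
    return rc;
}

/* Map one page as plain data (no execute bit), then ask the kernel to make
 * it read+execute. Write is dropped in the same call, so the page is never
 * writable and executable at once. Records permissions before and after. */
static int demo_nx_flag(char before[5], char after[5])
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    int rc = page_perms(p, before);
    if (rc == 0) rc = mprotect(p, len, PROT_READ | PROT_EXEC);
    if (rc == 0) rc = page_perms(p, after);
    munmap(p, len);
    return rc;
}

int main(void)
{
    char b[5], a[5];
    if (demo_nx_flag(b, a) != 0) { perror("demo_nx_flag"); return 1; }
    printf("before: %s  after: %s\n", b, a);
    return 0;
}
```

The flag is therefore not permanent: NX stops code that lands in a data page from running by accident, while a process that legitimately needs new executable memory (a JIT compiler, for instance) requests it explicitly, which is also the call a defender would monitor or restrict.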