function ActiveDEP: Cardinal;
const
  OptIn: Byte = 2;
  PROCESS_DEP_ENABLE = 1;
var
  Info: TOSVersionInfo;
  SetProcessDEPPolicy: function (dwFlags: dword): Boolean; stdcall;
  GetSystemDEPPolicy: function: Word; stdcall;
  nStatus: Word;
  h :HINST;
begin
  Result := S_FALSE;
  ZeroMemory(@Info, SizeOf(TOSVersionInfo));
  Info.dwOSVersionInfoSize := SizeOf(TOSVersionInfo);

  // Wir benötigen mind. Windows XP SP3
  if Windows.GetVersionEx(Info)
    and (Info.dwMajorVersion >= 6)
    or ((Info.dwMajorVersion = 5)
    and (Info.dwMinorVersion = 1)
    and (lstrcmpi(Info.szCSDVersion, 'Service Pack 3') = 0)) then
  begin
    h := SafeLoadLibrary('Kernel32.dll', SEM_NOOPENFILEERRORBOX);
    nStatus := OptIn;

    // Den aktuellen systemweiten Status der Datenausführungsverhinderung (DEP) abfragen
    if (h <> 0) then
    begin
      @GetSystemDEPPolicy := GetProcAddress(h, 'GetSystemDEPPolicy');
      FreeLibrary(h);    
      nStatus := GetSystemDEPPolicy();
    end;

    // Wenn der Staus auf OptIn (=2) steht, dann kann DEP für den aktuelle Prozess aktviert werden
    if (nStatus = OptIn) then
    begin
      h := SafeLoadLibrary('Kernel32.dll', SEM_NOOPENFILEERRORBOX);

      if (h <> 0) then
      begin
        @SetProcessDEPPolicy := GetProcAddress(h, 'SetProcessDEPPolicy');
        FreeLibrary(h);

        if not SetProcessDEPPolicy(PROCESS_DEP_ENABLE) then
          Result := GetLastError
        else
          Result := S_OK;
      end;
    end;
  end
  else
    Result := ERROR_OLD_WIN_VERSION;
end;