How to prevent the PAE kernel from loading in Windows Server 2003 with Service Pack 1 and later versions of Windows Server 2003 or in Windows XP with Service Pack 2 and later versions of Windows XP

This article describes how to prevent the Physical Address Extension (PAE) kernel from loading in Microsoft Windows Server 2003 with Service Pack 1 (SP1) and later versions of Windows Server 2003 or in Microsoft Windows XP with Service Pack 2 (SP2) and later versions of Windows XP.

Note We do not recommend that you disable PAE mode.

We recommend that you disable PAE mode only to work around a hardware issue or to troubleshoot a specific issue that involves PAE or Address Windowing Extensions (AWE). Some features in hardware, such as the security features that are described in this article, depend on the PAE kernel for implementation. Contact your hardware vendor for information that is relevant to a specific model of computer.

In Windows Server 2003 with SP1 and later versions of Windows Server 2003 and in Windows XP with SP2 and later versions of Windows XP, the Data Execution Prevention (DEP) processor features require that the processor run in PAE mode. DEP is a set of hardware and software technologies. These technologies perform additional checks on memory to help prevent malicious code from running on a system.

Starting with Windows XP SP2 and later versions of Windows XP, the 32-bit versions of Windows use one of the following hardware technologies to implement DEP:

• The no-execute page-protection (NX) processor feature as defined by Advanced Micro Devices.
• The Execute Disable Bit (XD) feature as defined by Intel.

For more information about the DEP feature, click the following article number to view the article in the Microsoft Knowledge Base: For more information about the underlying hardware technologies that are used with DEP, contact Advanced Micro Devices or Intel.

Note To support DEP, Windows will automatically load the PAE kernel. You do not have to use the /PAE boot switch in the Boot.ini file.

How to disable PAE mode

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

To troubleshoot a system, you may have to disable PAE mode on a computer where Windows has automatically enabled PAE mode. In this scenario, you can disable PAE mode by editing the Boot.ini file.

Disable PAE mode in Windows Server 2003 with SP1 and later versions of Windows Server 2003

Add the following switches to the Windows Server 2003 Boot.ini file:

/execute /NOPAE

For example, the Boot.ini file may appear as follows:

Disable PAE mode in Windows XP with SP2 and later versions of Windows XP

Add the following switches to the Windows XP Boot.ini file:

/noexecute=alwaysoff /NOPAE

For example, the Boot.ini file may appear as follows:

For more information about how to edit the Boot.ini file, click the following article number to view the articles in the Microsoft Knowledge Base: The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.