I'm trying to add CSCRIPT.exe as an exception to DEP (Data Execution Prevention) in Windows Server 2008 R2. CSCRIPT.exe lives in two locations: C:\Windows\System32 and C:\Windows\SysWOW64. The System32 location is the 64-bit version of the application and 64-bit applications cannot be added to DEP according to Microsoft (and the warning message I get when trying to add it to DEP.) Trying to add the SysWOW64 version gives an entirely different error/warning message. "This program must run with DEP enabled, you can't turn it off".
I've tried renaming and moving CSCRIPT.exe to a different location and/or renaming it with no difference. For this use case DEP must be enabled and for the purposes of this specific question - I need to disable DEP just for this application.
One thing I did try was to use the CSCRIPT.exe from Windows Server 2003. I'm able to add this file to DEP successfully. However, something really bothers me about using the old version. I feel like I could be introducing a security risk or a version issue.
Is there a different method I could use to get the SysWOW64 version of CSCRIPT.exe into the DEP list? Or is the Windows Server 2003 version workaround a suitable fix?
EDIT: I understand that something may need to "give" with this particular question. I might not be able to get to common ground. If that's the case, so be it. I don't want to spend the time and effort to reinvent the wheel if its unnecessary. Thanks!