Digital product execution control as disclosed contemplates production of a final version of a digital product and subsequently imposing execution control on that digital product. The manufacturer of the original digital product need not incorporate execution control features into the final version of the product. Execution control programming attaches to an executable file of the digital product to create a controlled executable file. The resulting operating environment when loaded is insufficient for the original executable file, and control programming determines whether or not execution will be allowed. If allowed, control programming creates the necessary operating environment for the digital product, i.e., as would be provided by the operating system if loaded normally, and allows execution of the digital product only under controlled conditions. Further security measures identify an executable portion of the digital product and a plurality of sub-portions of the executable portion are encrypted. An exception handler is established with the operating system and upon access to memory regions marked as protected the exception handler decrypts each sub-portion when accessed. A further security measure stores at a remote clearing house a key needed to decrypt the digital product for use. Upon execution, the controlled digital product interacts with the remote clearing house to obtain permission to execute and to obtain the key needed for execution.