
In that case, DEP would be the system preventing self-modifying code.

https://en.wikipedia.org/wiki/Executable-space_protection#Wi...



DEP does nothing to prevent OpenProcess() and WriteProcessMemory() from working or prevent applications from loading a DLL which reaches into the main process's image to patch it. DEP tries to prevent exploitation from taking place within a single process by ensuring, say, a buffer overflow can't just call the value you loaded into your webpage, not running software tampering with the memory of other running software using APIs which allow for the purpose.

Even if the page is marked as non-writable, execute-only, you can pause the process, change the permissions and resume it, or do it at image load time without issue.

Windows applications using the old/standard Win32 API don't have sandboxing between them at all and any application is free to tamper with any other to an almost limitless extent. It's incredibly powerful, in both good and bad ways.

Certain advanced firewall tools with IDS-style features can hook these calls and notify you when an application is attempting to do something like this.
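An added example, not part of the original thread: a sketch of the monitoring side the comment above mentions, flagging process-handle events whose granted rights would let one process write into (and pause) another. The event field names follow Sysmon's ProcessAccess event (ID 10); the sample events, paths and allowlist are constructed for illustration.

```python
# Process access rights from the Win32 API (winnt.h).
RIGHTS = {
    "PROCESS_CREATE_THREAD": 0x0002,
    "PROCESS_VM_OPERATION": 0x0008,    # required to change page protections
    "PROCESS_VM_READ": 0x0010,
    "PROCESS_VM_WRITE": 0x0020,        # required by WriteProcessMemory()
    "PROCESS_SUSPEND_RESUME": 0x0800,  # required to pause/resume the target
}
# WriteProcessMemory() needs both of these on the handle from OpenProcess().
WRITE_MASK = RIGHTS["PROCESS_VM_OPERATION"] | RIGHTS["PROCESS_VM_WRITE"]

# Hypothetical allowlist of tools expected to open other processes for write.
ALLOWED_SOURCES = {r"c:\tools\debugger.exe"}

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"SourceImage": r"C:\Users\a\updater.exe",
     "TargetImage": r"C:\Program Files\App\app.exe", "GrantedAccess": "0x1FFFFF"},
    {"SourceImage": r"C:\Tools\monitor.exe",
     "TargetImage": r"C:\Program Files\App\app.exe", "GrantedAccess": "0x1410"},
    {"SourceImage": r"C:\Users\a\helper.exe",
     "TargetImage": r"C:\Program Files\App\app.exe", "GrantedAccess": "0x0028"},
    {"SourceImage": r"C:\Tools\debugger.exe",
     "TargetImage": r"C:\Program Files\App\app.exe", "GrantedAccess": "0x1FFFFF"},
]

def decode(mask):
    """Return the names of the tracked rights present in an access mask."""
    return sorted(name for name, bit in RIGHTS.items() if mask & bit)

def classify(event):
    """Return 'ignore', 'write' or 'write+suspend' for one access event."""
    mask = int(event["GrantedAccess"], 16)
    src = event["SourceImage"].lower()
    if src == event["TargetImage"].lower() or src in ALLOWED_SOURCES:
        return "ignore"
    if mask & WRITE_MASK != WRITE_MASK:
        return "ignore"  # read/query-only handle: cannot patch the target
    if mask & RIGHTS["PROCESS_SUSPEND_RESUME"]:
        return "write+suspend"
    return "write"

def scan(events):
    """Return (source, target, verdict, rights) for every event worth an alert."""
    alerts = []
    for ev in events:
        verdict = classify(ev)
        if verdict != "ignore":
            rights = decode(int(ev["GrantedAccess"], 16))
            alerts.append((ev["SourceImage"], ev["TargetImage"], verdict, rights))
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

A handle opened with write rights is not proof of tampering, so the verdicts are triage signals to correlate with the source binary's signer and path.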



