New Update Microsoft finally manages to fix Windows 11 Defender Local Security Authority protection off

Gandalf_The_Grey

Level 81
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,067
It is somewhat common for the Patch Tuesday OS security updates to break something, and the ones for March were no different. The updates introduced an issue with the Windows Security app wherein Microsoft Defender would wrongly report that the Local Security Authority (LSA) protection was off. It affected both Windows 11 22H2 as well as 21H2.

Microsoft provided a workaround for the issue at that time as it was still investigating the bug. After a month passed since then, the company announced that it was able to resolve the issue and the solution was to update to Defender version 1.0.2303.27001.

However, this victory of Microsoft was short-lived as the issue returned, as it never left for some, including one of Neowin forum members kiddingguy. Today, the Windows health dashboard issues section was updated by the tech giant as it claims that the LSA off issue has been finally resolved.

Microsoft says that the Defender version 1.0.2306.10002. Essentially, all you need to do is update to the latest version of Windows Security app via the Windows Update, and the issue should go away.

Microsoft writes:

Resolution: This issue was resolved in an update for Windows Security platform antimalware platform KB5007651 (Version 1.0.2306.10002). If you would like to install the update before it is installed automatically, you will need to check for updates.
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,903
Still not getting Windows Security platform antimalware platform KB5007651 (Version 1.0.2306.10002)

:(
Where did you check for it?

Windows Security Center => Settings => Info:

WSC.png
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,903
I have the latest version but LSA protection isn't showing at all. It's been that way for months.
True, LSA settings can't be touched anymore, maybe available via group policy...
Windows Security Center => Core isolation: there Microsoft replaced LSA option for this: "Kernel-mode Hardware-enforced Stack Protection" but depends on device hardware:

 
F

ForgottenSeer 97327

My hardware neither, but my wife's laptop ryzen 5 4500U should support stack protection, but in process explorer it is off for all processes (even when I enable it with exploit protection). Anyone same experience (hardware should support it, but is off)? Or even better has resolved this issue?
 

TairikuOkami

Level 37
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,609
I don't think it does. AFAIK, you need AMD Zen 3 or higher architecture processors. 4500U is Zen 2.
I had LSA protection ON before, then OFF and now it does not show at all, neither does "Kernel-mode Hardware-enforced Stack Protection" .
But after BIOS update, secure boot is disabled and sometimes I forget to enable it, still I get BSOD with an invalid signature, so who knows?
 
  • Like
Reactions: SeriousHoax

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,903
My hardware neither, but my wife's laptop ryzen 5 4500U should support stack protection, but in process explorer it is off for all processes (even when I enable it with exploit protection). Anyone same experience (hardware should support it, but is off)? Or even better has resolved this issue?
Here as example for Firefox, Stack Protection shows: Compatible modules only, or simply Disabled. Note: First, I have nothing "tweaked" via Windows exploit protection.

PE#1.png

But when I manually enable Stack Protection via Windows Exploit Protection for Firefox: Now all processes shows: Compatible modules only (y)

PE#2.png
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top