Jump to content
Login new information ×
Login new information
  • Security & Privacy News

    Microsoft may have fixed LSA bug with kernel-mode hardware stack protection in Windows 11

    Karlston

    By Karlston,
    Published Date:

    • 788 views
    • 2 minutes
     Share
    • 788 views
    • 2 minutes

    Microsoft may have quietly fixed a widespread issue that was affecting Windows Defender recently. Following multiple user reports and complaints, the company confirmed that a recent Defender update (KB5007651, version 1.0.2302.21002), released via March's Patch Tuesday, led to an error that caused the Windows Security app to wrongly display Local Security Authority (or LSA) protection as disabled. This left users worried as the message would suggest that their devices could be vulnerable.

     

    As a result of the bug, users were failing to toggle LSA protection to on as a device restart, which was prompted by the change. It would do nothing and revert the change automatically. In essence, LSA protection would remain disabled even after the PC was restarted as instructed by the Defender app.

     

    Microsoft had provided a workaround for the issue, and it basically involved dismissing such warnings. However, the company may have since fixed the problem with a more recent Defender update (KB5007651).

     

    According to Deskmodder, the new update, Windows Security Service version 1.0.2303.27001 has supposedly fixed the issue. The site suggests the issue was resolved by an update to "Kernel-mode Hardware-enforced Stack Protection" security feature present under Core Isolation (VBS). The feature was introduced with Windows 11 22H2. However,this update (KB5007651) was released nearly two weeks ago and Microsoft's known issues dashboard still lists the bug as open. Hence, there may be more to the story here.

     

    Elsewhere online, others are also noticing that the setting may be disabled by default (via Windows 11 forums), or it could be a bug. In order to use the Kernel-mode Hardware-enforced Stack Protection feature, Intel's Control-flow Enforcement Technology (CET) or AMD Shadow Stack technology is required. Supported chips include Intel 11th Gen Tiger Lake or newer parts, or AMD Zen 3 and newer.

     

     

    Microsoft may have fixed LSA bug with kernel-mode hardware stack protection in Windows 11

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...