Microsoft confirmed the "Local Security Authority protection is off" Windows 11 issue in March 2023. The company then produced a solution for it, but had to retract the solution as it was causing issues of its own. An update to the issue, released yesterday, confirms that the issue is still not resolved and that Microsoft had to pull the update that was supposed to resolve it.
Windows 11 users may get a "Local Security protection is off. Your device may be vulnerable" security warning or notification on their devices after installing the Update for Microsoft Defender Antivirus antimalware platform (KB5007651).
Enabling of the feature on the Windows 11 device removed the notifications, but it might lead to persistent prompts to restart the operating system.
Microsoft published an update for Microsoft Defender Antivirus, which increased the build of the security tool to 1.0.2303.27001. The company admits now that this update was also causing issues, but did not go into details regarding these issues. They appear to have been serious, as Microsoft pulled the update so that it is not offered anymore to Windows 11 devices.
This meant, that systems would once again face the issues regarding the Local Security Authority protection. The original workaround, released in March 2021, is still the only recommended solution by Microsoft. The company notes: "If you have enabled Local Security Authority (LSA) protection and have restarted your device at least once, you can dismiss warning notifications and ignore any additional notifications prompting for a restart. "
Windows devices with the new Microsoft Defender Antivirus antimalware platform update installed, the one that Microsoft pulled, may receive blue screen errors or automatic restarts of the system when certain games or apps are opened.
Microsoft recommends that administrators disable the Kernel-mode Hardware-enforced Stack Protection feature of the operating system. Administrators find the option under Start > Settings > Privacy & Security > Windows Security > Device Security > Core Isolation > Kernel-mode Hardware-enforced Stack Protection.
Another workaround that should resolve these issues is to uninstall the latest Microsoft Defender Antivirus update on the device.
Microsoft continues to work on a resolution for the issue and plans to release an update "in an upcoming release".
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.