Why does Local Security Authority Protection indicate that protection is off when I have it turned on (Windows 11 Pro)?

Jerr- 35

I have a new Lenovo ThinkBook 14 G4 IAP with 12th Gen Intel(R) Core(TM) i7-1255U 1.70 GHz and Windows 11 Pro installed. Windows Security shows that Local Security Authority Protection is off, but it is toggled on and I have restarted the laptop several times.

What do I have to do to get Windows Security to recognize that LSA Protection is on?

Is there something (else) I need to install?

All updates have been installed, however, I noticed that KB2267602 has been installed several times with different version numbers.

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Vikram Snyder 5 Reputation points

2023-03-20T07:16:49.54+00:00

Does that community forum post help?
Ruth Slater 20 Reputation points

2023-04-14T12:45:46.9833333+00:00

Please can Microsoft resolve this issue. Whilst very IT literate, I really do not want to be messing around with too many of the inner workings of my Surface Pro and Windows 11 when otherwise everything is working well. Ta
Eric Mycroft 0 Reputation points

2023-06-10T16:10:24.04+00:00

I have the same problem. When will microsoft fix the bug?
Kevin Gray 0 Reputation points

2023-06-18T22:52:28.83+00:00

I have this issue

2 answers

Limitless Technology 43,966 Reputation points

2023-03-20T14:18:07.9266667+00:00

Hello there,

This bug is in Windows Defender (KB5007651), a mandatory security update shipped alongside Windows 11's March 2023 Update. The issue seems widespread, and Microsoft is aware of the reports.

To fix “Local Security authority protection is off. Your device may be vulnerable”, follow these steps:

Open Windows Registry Editor.

Navigate to the following location: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

Make sure you have RunAsPPL and RunAsPPLBoot. If you don’t have RunAsPPLBoot listed, create DWORD entries for RunAsPPL and RunAsPPLBoot.

The value for both entries should be 2.

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer–
Please sign in to rate this answer.

42 people found this answer helpful.
Luis 25 Reputation points

2023-03-21T22:12:39.6966667+00:00

I had the same problem on Windows 11 22h2. I was missing the "RunAsPPLBoot", I created it as explained here, then rebooted the OS and it was fixed. Thank you !!!

PhilW 0 Reputation points

2023-03-26T12:41:40.4433333+00:00

Worked for me, thank you very much!

Frank ! 0 Reputation points

2023-03-26T21:57:42.8166667+00:00

I followed the path and have no compatible statements. As I have neither word sets in Lsa my concern is programs are 64bit (QWORD) and I'm not sure if a DWORD entry will resolve or create my issue(s).

Giovanni Perdicaro 0 Reputation points

2023-03-27T13:01:46.2966667+00:00

Following your instructions I packed a .reg file. Hope this helps.

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "RunAsPPL"=dword:00000002 "RunAsPPLBoot"=dword:00000002

Chad 0 Reputation points

2023-04-11T04:48:24.8833333+00:00

32-bit, 64-bit or both?

Kyle T 0 Reputation points

2023-05-14T14:37:09.01+00:00

This seems to have worked, thank you very much!

J Y 0 Reputation points

2023-05-22T09:31:21.2733333+00:00

Your advice is useful,but I want to know:what means for "runasppl value set value to 2"?

Arjang Safa 0 Reputation points

2023-05-29T23:48:05.0166667+00:00

Thank you. It worked for me. I created a 32bit version.

Mike Freier 0 Reputation points

2023-05-31T10:35:59.5833333+00:00

Worked like a charm. Easy-peasy. Thank you!

Pasindu Priyadarshana 0 Reputation points

2023-06-01T11:33:39.31+00:00

32 bit

Parker Nirvana 0 Reputation points

2023-06-11T01:35:18.7333333+00:00

I wasn't sure this was going to resolve the issue but I did it anyway, restarted the computer and YAY it worked! Thanks.
Sign in to comment
Glenn S 0 Reputation points

2023-03-21T21:13:37.9+00:00

No, because what do you do when you get to the registry? Just restart?
Please sign in to rate this answer.
Eric Mycroft 0 Reputation points

2023-06-10T16:11:52.51+00:00

I agree with Glenn, the answer is not helpful, Microsoft need to fix the bug, not us.

BigSteveLittle 0 Reputation points

2023-06-21T23:45:05.87+00:00

Hi Glenn, it works but he is leading you into the dark with the half answer. Once you have the editor open and can see either file needs to be created you right-click in empty space and select new -> under key select DWORD (32-bit) Value. This will create a file and let you name it as per the instructions. Once you have saved it's name right-click on the file it's self and choose Modify (the option in bold). In the box under Value data: change the value to "2".

I did not have have either of the entries and after creating them the issue instantly disappeared without restarting.

Hope that helps you or anyone else.

Cheers, Steve
Sign in to comment