Windows Security Bug - Local Security Authority Protection Not Registering a System Restart

Question

After I uninstalled Avira Antimalware, I got an alert from Windows Security that my Local Security Authority Protection was turned off. But after I turned it on and restarted as instructed, I continue to get the same alert that my Local Security Authority Protection is turned off, even though within the same window, the toggle switch under the "Local Security Authority Protection" heading displays that it's already turned on.

Additionally, at the same time that this bug appeared, I've also started to get an old Windows bug where if I try to open File Explorer from the taskbar, the entire taskbar would crash and restart every time (though I can open File Explorer from the Start menu without issue).

Any help resolving either bug would be appreciated. Thanks.

Answer 1

I figure that is a missing reg entry RunAsPPLBoot in my case.

Create a new DWORD32 and set to 2

After reboot no longer get error.

RunAsPPL and RunAsPPLBoot.

By default they are set to 0 to enable this you need to set them to 2.

Also set group policy as enable for uefi lock only , my problem is fixed now, no need to reset windows.

In the Local Group Policy Editor window, navigate to the following path: Computer Configuration\Administrative Templates\System\Local Security Authority.

In the right panel, double-click on the ‘Configure LSASS to run as a protected process‘ policy.

In the policy settings window, select the Enabled option

Then click on the dropdown under Configure LSA to run as a protected process and select Enabled with UEFI Lock

Answer 2

Thanks for reaching out! My name is, Zadee. I'm an Independent Advisor and a Microsoft user like you. I'll be glad to help you today.

Please see this article, Ben. Skip to method #2. This may help.

https://www.thewindowsclub.com/how-to-enable-lo...

Hope that helps. Please let us know if the suggestion works or not, so we can have other experts join in and share their ideas. Thank you!

STANDARD DISCLAIMER:

This is a non-Microsoft website. The page appears to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.

Best Regards,

Answer 3

Thanks, but unfortunately there's been no change in either the LSA protection alert or the Explorer taskbar crashing. The LSA registry value was equal to 2 previously, and I've changed it to be equal to 1 as instructed (and I double-checked that it's still equal to 1 after restarting, since the LSA bug remains unchanged).

Answer 4

Thanks for the response. Can you try to reset Win Sec, please?

-Win + Q

-Type: Windows Security

-Right-click on Windows Security app

-Select App settings

-Scroll down and click Reset

If it's still the same, run an in-place repair. You follow the steps below:

This will not delete any data or reset your windows, this will simply correct corrupted system files in your computer.

Please follow these steps for the windows repair:

1. Go to this link: https://www.microsoft.com/en-us/software-downlo...
2. Under "Create Win 11 Installation Media". Click Download Now.
3. Run the MediaCreationToolW11.exe that you just downloaded.
4. Agree to Terms.
5. Don't change anything. Click NEXT.
6. Select ISO File. And Save it to your desktop or anywhere on your computer where you can easily find it.
7. Once done with the download. Double-click the ISO file and run the "Setup" file.
8. Accept Terms again.
9. Make sure to leave the setting "Install Windows 11" and "Keep Personal Files and Apps"
10. Wait for the installation to finish.

Keep me posted. Thanks!

Answer 5

Cool. The in-place repair fixed it. Thanks for all your help!