What to Do if "Local Security Authority Protection Is Off" in Windows 11
November 20, 2023
If you have installed KB5007651 (Version 1.0.2302.21002), there is a warning that “Local Security Authority protection is off. Your device may be vulnerable.” However, when you turn on the Local Security Authority protection and reboot your computer, this security warning still pops up. So, what to do if "Local Security Authority protection is off" in Windows 11? Here are 3 effective ways to fix it!
Way 1: Install the Latest KB5007651
Step 1: Press the Win + I key to open the settings window > Windows Update > Check for updates.
Once the checking is finished, there is a message of "Update for Windows Security platform antimalware platform - KB5007651 (Version 1.0.2306.10002)."
Step 2: Click Download & install all. Then restart your computer to see if the issue has been fixed.
If there is no KB5007651 (Version 1.0.2306.10002), go to the Microsoft Update Catalog website to download it manually.
Way 2: Enable LSA Protection via Registry Editor
Step 1: Press Win + R > Type “regedit” then click the OK button.
Step 2: Navigate the following path:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Step 3: Right-click the Lsa folder > New > DWORD (32-bit) Value > Rename it to “RunAsPPL”.
Step 4: Double-click the RunAsPPL > Change the Value data to “2”, then click OK.
Note: Some registry editors already have the RunAsPPL value, you don’t have to create a new one, you should double-click it to confirm whether the value is 2 or not.
Step 5: Right-click the Lsa folder to create another value > New > DWORD (32-bit) Value > Rename it to “RunAsPPLBoot”.
Step 6: Double-click the RunAsPPLBoot > Change the Value data to “2”, then click OK.
After finishing the above steps, reboot your computer to check if the LSA Protection warning hasn’t popped up again.
Way 3: Enable LSA Protection via Local Group Policy Editor
Step 1: Press Win + R > Type “gpedit.msc” and click OK to run the Local Group Policy Editor.
Step 2: Browse to the following path: Computer Configuration\Administrative Templates\System\Local Security Authority.
Note: If you are on Windows 11 Home, there is no local group policy.
Step 3: Find and double-click the “Configure LSASS to run as a protected process”.
Step 4: Choose Enabled > In the Configure LSA is set to run as a protected process option, select Enabled with UEFI Lock, then click OK.
After that, reboot your computer to check if the "Local Security Authority protection is off" security notification hasn’t come out again.
