What to Do if "Local Security Authority Protection Is Off" in Windows 11

User Author

Achilles.H

November 20, 2023

What to Do if Local Security Authority Protection Is Off in Windows 11

If you have installed KB5007651 (Version 1.0.2302.21002), there is a warning that “Local Security Authority protection is off. Your device may be vulnerable.” However, when you turn on the Local Security Authority protection and reboot your computer, this security warning still pops up. So, what to do if "Local Security Authority protection is off" in Windows 11? Here are 3 effective ways to fix it!

Way 1: Install the Latest KB5007651

Step 1: Press the Win + I key to open the settings window > Windows Update > Check for updates.

check for updates

Once the checking is finished, there is a message of "Update for Windows Security platform antimalware platform - KB5007651 (Version 1.0.2306.10002)."

Step 2: Click Download & install all. Then restart your computer to see if the issue has been fixed.

install the latest kb5007651 version

If there is no KB5007651 (Version 1.0.2306.10002), go to the Microsoft Update Catalog website to download it manually.

download kb5007651

Way 2: Enable LSA Protection via Registry Editor

Step 1: Press Win + R > Type “regedit” then click the OK button.

run regedit command

Step 2: Navigate the following path:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

Step 3: Right-click the Lsa folder > New > DWORD (32-bit) Value > Rename it to “RunAsPPL”.

create runasppl value

Step 4: Double-click the RunAsPPL > Change the Value data to “2”, then click OK.

change runasppl data to 2

Note: Some registry editors already have the RunAsPPL value, you don’t have to create a new one, you should double-click it to confirm whether the value is 2 or not.

Step 5: Right-click the Lsa folder to create another value > New > DWORD (32-bit) Value > Rename it to “RunAsPPLBoot”.

create runaspplboot value

Step 6: Double-click the RunAsPPLBoot > Change the Value data to “2”, then click OK.

change runaspplboot data to 2

After finishing the above steps, reboot your computer to check if the LSA Protection warning hasn’t popped up again.

Way 3: Enable LSA Protection via Local Group Policy Editor

Step 1: Press Win + R > Type “gpedit.msc” and click OK to run the Local Group Policy Editor.

run gpedit msc command

Step 2: Browse to the following path: Computer Configuration\Administrative Templates\System\Local Security Authority.

Note: If you are on Windows 11 Home, there is no local group policy.

Step 3: Find and double-click the “Configure LSASS to run as a protected process”.

enable lsa protection via group policy editor

Step 4: Choose Enabled > In the Configure LSA is set to run as a protected process option, select Enabled with UEFI Lock, then click OK.

enable configures lsass to run as a protected process

After that, reboot your computer to check if the "Local Security Authority protection is off" security notification hasn’t come out again.