Microsoft states the KB5007651 Microsoft Protector Anti-virus upgrade activates Windows Security cautions on Windows 11 systems stating that Resident Security Authority (LSA) Security is off.
LSA Security is a security function that protects delicate details like qualifications from theft by obstructing untrusted LSA code injection and procedure memory discarding.
Widespread user reports state that “Regional Security Authority defense is off. Your gadget might be susceptible.” cautions have actually been appearing even when LSA Security is allowed, as BleepingComputer reported on Monday.
Today, Microsoft acknowledged this as a brand-new recognized problem triggering impacted Windows gadgets to constantly alert that they’re susceptible which a reboot is needed after toggling on LSA Security.
Redmond states that the consistent reboot informs will just appear on systems running Windows 11 21H2 and 22H2.
” After setting up ‘Update for Microsoft Protector Anti-virus antimalware platform – KB5007651 (Variation 1.0.2302.21002),’ you may get a security alert or alerting specifying that ‘Regional Security defense is off. Your gadget might be susceptible.’ and when defenses are allowed, your Windows gadget may constantly trigger that a reboot is needed,” Redmond describes
” This problem impacts just ‘Update for Microsoft Protector Anti-virus antimalware platform – KB5007651 (Variation 1.0.2302.21002).’ All other Windows updates launched on March 14, 2023 for impacted platforms (KB5023706 and KB5023698), do not trigger this problem.”
Workaround readily available
Microsoft states it’s dealing with a repair for the consistent LSA Security alerting concerns and will supply more information as quickly as readily available.
The business likewise offers a workaround for impacted consumers till a resolution is readily available, asking to overlook the reboot alerts.
” If you have allowed Regional Security Authority (LSA) defense and have actually rebooted your gadget a minimum of when, you can dismiss alerting alerts and overlook any extra alerts triggering for a reboot,” the business states.
To examine if LSA had really begun in safeguarded mode on your computer system when Windows began, you can look for the following WinInit occasion in the System logs under Windows Logs: “12: LSASS.exe was begun as a safeguarded procedure with level: 4”
While BleepingComputer reported that the cautions can be dismissed by including 2 pc registry entries, Microsoft states it does “not advise any other workaround for this problem.”
Redmond likewise revealed previously this month that it would allow Resident Security Authority (LSA) Security by default for Windows 11 Experts in the Canary channel if their systems pass an incompatibility audit check (Microsoft is yet to describe the compatibility concerns it’s looking for).