Microsoft confirmed earlier today that it has fixed a major issue with Windows Defender in which it would incorrectly display “Local Security Authority Protection is Off” even when the feature was toggled off. was and consequently the device was restarted to complete the activation process. The Local Security Authority, or LSA, authenticates, logs, and maintains all information related to the local security of a system. The bug was affecting all Windows 11 platforms, namely Windows 11 versions 22H2 and 21H2.
The Microsoft Health Dashboard describes the issue as follows:
After installing “Update for Microsoft Defender Antivirus antimalware platform – KB5007651 (version 1.0.2302.21002)”, you may receive a security notification or warning that says “Local security protection is turned off. You The device may be vulnerable.” And once protections are enabled, your Windows device may constantly signal that a restart is required.
About a week ago, users online started noticing that Microsoft has pushed out a new update called “Windows Security Service version 1.0.2303.27001” under KB5007651. The update apparently turned off LSA protection and today, it was confirmed by Microsoft itself. The tech giant has updated its health dashboard for the issue with a new resolution section where it basically confirmed the earlier report. It says:
Resolution: This issue was resolved in an update for Microsoft Defender Antivirus antimalware platform KB5007651 (version 1.0.2303.27001). If you want to install an update before it installs automatically, you must check for updates.
Interestingly, the new Defender update seems to have fixed the issue by updating the “Kernel-mode Hardware-enforced Stack Protection” security feature under Core Isolation (VBS) in the Windows Security app.
