A recent Windows update for Windows 10/11 included a security incident that caused a bug to appear in the form of an LSASS Local Service Authority Protection error on the Windows Defender Security application. This issue has caused concern for many users who fear their device’s security may be compromised. However, it’s important to note that Windows has your back-end protection covered and this issue is simply a bug in the reporting feature.
LSA is an essential Windows Security feature responsible for enforcing local security policies and authentication on the system. That manages the Security Account Manager database for the end user, storing confidential account information and passwords. The error message users see with the bug is that the Local Security Authority Protection is turned off. If you are one of these troubled users, this article will help you. Here, we have mentioned all the solutions you can try to resolve this problem independently. So without any further ado, let’s get into it.
Page Contents
How can the Windows LSASS Local Service Authority Protection error be fixed in Windows Defender Security?
The toggle for Local Security Authority Protection shows turned on, but the message center continues to deliver a message that reads that the Local Security Authority Protection is turned off. This is not exclusively just a bug issue, though. One can see the error message even when the system files are corrupted. Or sometimes, an installed third-party antivirus program can block out some of the Windows Defender or Security features.
Well, whatever may be the case, you don’t need to worry at all. Here in this article, we will provide you with the step by step instructions on how to get rid of this error message from the Windows Security Centre.
Now let’s get into the solutions.
Click on Dismiss and restart the system:
In the message center itself, you will see a dismiss button. Once you click on it, the alert will be on the page, but it won’t appear as a notification. You can click on this button and restart your system. If the error started appearing after an update, you could choose this method to eliminate the error. This is because the security flaw does not exist. This is just a reporting bug arising from the recent Windows update.
Fresh install Windows:
Apart from simply clicking on Dismiss, you can also eliminate the error entirely. But for this, you will have to install Windows again, and the build or version needs to be an older one that does not have the bug.
You can go to Microsoft’s website and download the build of your choice. Once you have the build file, you can install it in a bootable media device and install that version of Windows onto your computer.
The trouble would be identifying the version that did not have the error. The installation would be easier if you could get a hold of that version or build number.
Check for corrupted files:
System file corruption is also a common cause behind the LSASS bug. So you need to check your system for corruption and fix it if possible. That might solve your LSASS bug as well.
- Type cmd in the Windows Search.
- Right-click on the result and choose the option Run as an administrator.
- The user Account Control prompt will show up. Click on Yes here.
- Enter the following command and press Enter.
sfc /scannow
- Wait till this is done, and then enter the following commands one after the other.
DISM /Online /Cleanup-Image /CheckHealth DISM /Online /Cleanup-Image /ScanHealth DISM /Online /Cleanup-Image /RestoreHealth
- Now restart your system.
If this does not solve your problem, try the next fix.
Install Windows Update or wait for it:
As this bug showed up after a particular Windows update, there is a chance that Microsoft already knows about this bug. And to fix this, they will soon roll out an update to resolve the issue.
So you need to check for the latest updates frequently, and once you see an update pending on your system, you need to install it immediately.
To check for the latest update, follow the steps mentioned below.
- Press Windows + I to open up the Settings page.
- Click on Update & Security.
- Click on Windows Update in the left pane; if there is any pending update, it will appear in the right pane. Once you see it, click on it to install it on your system.
- Once the update is installed, the bug should go away entirely.
If this does not solve your problem, try the next fix.
System Restore:
Windows creates a system restore automatically that acts as a point of recovery for Windows users. If you are sure you are witnessing this error message only after a recent Windows update, you can be sure that restoring it to a point when the update was not installed will resolve the problem.
- Enter the control panel in the search box.
- Select Control Panel from the list of options that show up.
- Click on Recovery.
- Go to Open System Restore.
- Select the restore you want to use per the date and time associated with that restore point.
- You will see a list of items that will be deleted with the selected restore point installation. If you agree with the deletions, click Close > Next > Finish.
Your system will return to a Windows version that did not have the security bug.
Edit the Registry:
This is the solution that will resolve the issue for you. Here, we will go into the registry editor and tweak a few things to fix the bug entirely.
But before you edit the registry, ensure that you have a backup.
- Type regedit in the Windows search and press Enter.
- The user Account Control prompt will show up. Click on Yes here.
- Click on File and then click on Export.
- Under the Export Range, select All and then save the backup in your desired location.
- Now go to the location “
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa“ - On the right pane, find the RunAsPPL entry and double-click on it.
- Set the Hexadecimal value to 1 or 2.
- Click on Okay and then restart your system.
If this does not solve your problem, try the next fix.
Use PowerShell:
You can also use PowerShell for tweaking your registry.
- Type PowerShell in the Windows Search.
- Right-click on the result and choose the option Run as an administrator.
- The user Account Control prompt will show up. Click on Yes here.
- Enter the following commands one after the other:
“reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPL /t REG_DWORD /d 2 /f”
“reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPLBoot /t REG_DWORD /d 2 /f”
- Once both these commands are executed, close PowerShell and restart your computer.
If this does not solve your problem, try the next fix.
Use Group Policy:
Finally, the last fix would be to use the Group Policy editor to resolve your LSASS bug.
- Type Group Policy in the Windows search and press Enter.
- Go to the location: Local Computer Policy > Computer Configuration > Administrative Templates > System > Local Security Authority.
- Right-click the Configure LSASS to run as a protected process on the right pane and choose Edit.
- Select Enabled.
- Under options, Select Enabled with UEFI Lock and then click on Apply.
- Finally, click on okay and then restart your computer.
So these are all the solutions to fix the Windows LSASS Local Service Authority Protection error in Windows Defender Security. If you have any questions or queries about this guide, comment below, and we will reply. Don’t forget to let us know which fix did the trick for you. Also, check out our other articles on iPhone tips and tricks, Android tips and tricks, PC tips and tricks, and much more for more helpful information.