Protection by local security authority is disabled. Your device may be vulnerable bug still causes headaches for Windows 11 users. This bug was first reported in March 2023 and remains defective in Windows 11 KB5025239 and KB5025224, the April 2023 cumulative updates for the operating system.
So what’s going on here? Like any version of Windows, Windows 11 also comes with it Local Security Authority (LSA), which is responsible for enforcing security policies. The LSA process is essential to various parts of the operating system and it is necessary to protect it from manipulation by malware or other malicious actors.
Windows 11 has the “Local Security Authority Protection” feature, first introduced in 8.1 and Server 2012 R2. LSA protection is enabled by default and Microsoft does not want users to disable it, so a “Local Security Authority protection is disabled. Your device may be vulnerable” warning appears when you disable the feature.
LSA Protection runs in the background by isolating the LSA process in a container and preventing other processes, such as malicious actors or apps, from accessing the feature. This makes LSA Protection an essential security feature, which is why it is enabled by default in all installations of Windows 11.
And here comes the problem: Windows 11 now warns users, “Protection from local security authorities is disabled. Your device may be vulnerable,” even with the feature enabled. This fake warning goes nowhere, and Microsoft’s multiple attempts to fix the problem fix via Windows Defender updates failed.
In addition to the warning, Windows Defender also continuously asks that a reboot is required. Users assume that restarting their systems will remove the warning, but that is not the case and the warning continues to appear.
Microsoft officials told us they started working on a fix in the second week of March, but the bug is still haunting users and it’s unclear when it will get a proper fix.
How To Fix “Local Security Authority Security Is Disabled” Error In Windows Settings
Here is a step-by-step guide that has been tested and validated by Proxa News to resolve the ‘Local Security Authority has been disabled. Your device may be vulnerable” warning from Windows settings:
- Open Registry Editor.
- Go to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- In the LSA folder, create two DWORD entries: RunAsPPL and RunAsPPLBoot.
- Set their values to 2.
- Restart your PC.
If you follow the steps above, you can disable the fake Windows Security app alert.
According to the Microsoft spokesperson, you can safely ignore these warnings if you enable Local Security Authority (LSA) protection and restart your PC at least once.
“We recommend that you ignore the reboot request. You can ignore warning notifications and ignore additional notifications,” a Microsoft support representative told Proxa News in a live chat.
You can manually check if the feature is enabled by navigating to Event Viewers > “Applications and Services Logs” > “Microsoft” > “Windows” > “LSA”. In the event log, you should find Event ID 5004, which is associated with LSA Protection and confirms that LSA Protection is enabled.
