Solved Local Security Authority is off.


R

raphaelmsx

Member
Local time
6:11 PM
Posts
2
OS
Windows 11
Hi people.

Running Win11 22H2 22621.1702 here, and since yesterday I'm receiving this message in Windows Security, then I click "Go to settings" and it opens Core Isolation, but there's nothing else to turn it on. Rebooted, to no avail.

What can I do to fix it?

Thanks!

error01.png

error02.png
 
Windows Build/Version
22H2 22621.1702

My Computer

System One

  • OS
    Windows 11
Hello, and welcome. :alien:

This is a bug, but LSA is actually still running.

You can verify that LSA protection is enabled by looking in Event Viewer using the information available here.

You can use option 2 or 4 in the tutorial below to enable LSA again without the warning. Currently the LSA setting is missing in Windows Security since Build 22621.1635. We'll have to wait for a fix to get the toggle back in Windows Security.

www.elevenforum.com

Enable or Disable Local Security Authority (LSA) Protection in Windows 11

This tutorial will show you how to enable or disable Local Security Authority (LSA) protection for all users in Windows 11. Core isolation is a security feature of Microsoft Windows that protects important core processes of Windows from malicious software by isolating them in memory. It does...
www.elevenforum.com www.elevenforum.com
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Great news. You're most welcome.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Hello everyone. I have the same problem as raphaelmsx. I did what is says here: Configuring Additional LSA Protection and couldn't find any event like that. So it means that LSA is indeed off.

I appreciate your advice, Brink, but I don't feel comfortable to change the registry until an official Microsoft fix doesn't appear. What if I do the registry change, and when the official fix comes it isn't compatible with the workaround I did? I just hope Microsoft is aware of these problems.

To tell you some of the story: Since about 4th of May, Windows Security has started to warn me that Local Security Authority protection is off. When I enter Device Security, in Core Isolation, simply there is no option to turn LSA on or off... As you can see in the screenshot also. I don't think I had this problem before 4th of May. Coincidentally or not, on 4th of May, before the problem started (most probably), the Windows Security antimalware platform update has been installed (KB5007651, Version 1.0.2303.28002) through automatic updates on my computer. So I think maybe the update and the problem are connected?

I even reinstalled Windows, hoping this problem would go away, but some time after the reinstallation the same warning appeared. It appeared after I turned on Memory integrity (it wasn't turned on by default after the install), so maybe it is connected with this?

I have written in the Feedback Hub also. Apparently there are others there who have this problem also, there is a collection of topics with this problem that has 520 upvotes.
Core isolation warning.png LSA option not appearing.png

Also, maybe you can please help me with the following question? Why does it say "Standard hardware security not supported"? You can check my specs, are they not good enough?
Thank you!
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    ASUS X1502ZA
    CPU
    Intel i5-1240P
    Memory
    8 GB DDR4, 3200 MHz
    Graphics Card(s)
    Intel UHD Graphics
    Hard Drives
    512 GB SSD PCIe M.2
    Other Info
    BIOS version 312
adriancornea52 said:
Hello everyone. I have the same problem as raphaelmsx. I did what is says here: Configuring Additional LSA Protection and couldn't find any event like that. So it means that LSA is indeed off.

I appreciate your advice, Brink, but I don't feel comfortable to change the registry until an official Microsoft fix doesn't appear. What if I do the registry change, and when the official fix comes it isn't compatible with the workaround I did? I just hope Microsoft is aware of these problems.

To tell you some of the story: Since about 4th of May, Windows Security has started to warn me that Local Security Authority protection is off. When I enter Device Security, in Core Isolation, simply there is no option to turn LSA on or off... As you can see in the screenshot also. I don't think I had this problem before 4th of May. Coincidentally or not, on 4th of May, before the problem started (most probably), the Windows Security antimalware platform update has been installed (KB5007651, Version 1.0.2303.28002) through automatic updates on my computer. So I think maybe the update and the problem are connected?

I even reinstalled Windows, hoping this problem would go away, but some time after the reinstallation the same warning appeared. It appeared after I turned on Memory integrity (it wasn't turned on by default after the install), so maybe it is connected with this?

I have written in the Feedback Hub also. Apparently there are others there who have this problem also, there is a collection of topics with this problem that has 520 upvotes.
View attachment 61108 View attachment 61106

Also, maybe you can please help me with the following question? Why does it say "Standard hardware security not supported"? You can check my specs, are they not good enough?
Thank you!
Click to expand...
This has been a problem for months now. Microsoft added the LSA protection toggle to Device Security, just to later remove it. Now the error is still there even tough the option to enable LSA is not present. You can manually enable LSA by editing the registry through regedit. There are tutorials on how to do this, Enable or Disable Local Security Authority (LSA) Protection in Windows 11 Tutorial for example.

Regarding the "Standard hardware security not supported" message, it seems that Secure Boot is missing. Have you enabled Secure Boot (UEFI) in BIOS?
 

My Computer

System One

  • OS
    Windows 11
Hellon Yeahoww. From what is says here, on a Microsoft official site: Device protection in Windows Security - Microsoft Support
Standard hardware security not supported - This means that your device does not meet at least one of the requirements of standard hardware security. The list of requirements is given a bit earlier on that site:
  • TPM 2.0 (also referred to as your security processor)
  • Secure boot enabled
  • DEP
  • UEFI MAT
My laptop has TPM 2.0 enabled. I verified it. So my device has at least one of the requirements. Then, either that Microsoft article has errors, or there is some bug in my system.

As for the LSA problem, thanks for confirming the bug. About the fix you suggested, as I said I don't feel comfortable changing the registry before an official fix comes. It may cause problems for when the fix comes.
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    ASUS X1502ZA
    CPU
    Intel i5-1240P
    Memory
    8 GB DDR4, 3200 MHz
    Graphics Card(s)
    Intel UHD Graphics
    Hard Drives
    512 GB SSD PCIe M.2
    Other Info
    BIOS version 312
adriancornea52 said:
Hellon Yeahoww. From what is says here, on a Microsoft official site: Device protection in Windows Security - Microsoft Support
Standard hardware security not supported - This means that your device does not meet at least one of the requirements of standard hardware security. The list of requirements is given a bit earlier on that site:
  • TPM 2.0 (also referred to as your security processor)
  • Secure boot enabled
  • DEP
  • UEFI MAT
My laptop has TPM 2.0 enabled. I verified it. So my device has at least one of the requirements. Then, either that Microsoft article has errors, or there is some bug in my system.

As for the LSA problem, thanks for confirming the bug. About the fix you suggested, as I said I don't feel comfortable changing the registry before an official fix comes. It may cause problems for when the fix comes.
Click to expand...
Well, the portion of Secure Boot is missing from your Device Security screenshot. Secure Boot must be enabled to show up in Device Security, otherwise it will give you that error of Standard security not met. See my attachment.

What motherboard do you have? ASUS laptop? See the instructions on this site: [Motherboard] How to enable or disable Secure Boot ? | Official Support | ASUS Global
I bet that OS type is set to "Other" instead of "Windows UEFI mode".
 

Attachments

  • device-security.png
    device-security.png
    50.3 KB · Views: 1

My Computer

System One

  • OS
    Windows 11
Yeahoww said:
Well, the portion of Secure Boot is missing from your Device Security screenshot. Secure Boot must be enabled to show up in Device Security, otherwise it will give you that error of Standard security not met. See my attachment.

What motherboard do you have? ASUS laptop? See the instructions on this site: [Motherboard] How to enable or disable Secure Boot ? | Official Support | ASUS Global
I bet that OS type is set to "Other" instead of "Windows UEFI mode".
Click to expand...
I reiterate that according to that Microsoft article, my device should not receive the "Standard hardware security not supported" message since it meets at least one requirement (TPM 2.0).

But thank you for your suggestion, I will enable Secure Boot at some point and test if I still get the message.
 
Last edited:

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    ASUS X1502ZA
    CPU
    Intel i5-1240P
    Memory
    8 GB DDR4, 3200 MHz
    Graphics Card(s)
    Intel UHD Graphics
    Hard Drives
    512 GB SSD PCIe M.2
    Other Info
    BIOS version 312
adriancornea52 said:
I reiterate that according to that Microsoft article, my device should not receive the "Standard hardware security not supported" message since it meets at least one requirement (TPM 2.0).

But thank you for your suggestion, I will enable Secure Boot at some point and test if I still get the message.
Click to expand...
To my experience atleast TPM and Secure boot needs to be enabled to get Standard security. If you enable Memory Integrity you get the message enhanced security.
 

My Computer

System One

  • OS
    Windows 11
You must log in or register to reply here.

Similar threads

Local Security Authority Process - Stopped Working
Replies
9
Views
3K
andrew129260
andrew129260
This module is blocked from loading into the Local Security Authority. \Device\HarddiskVolume#\Program Files\Bonjour\mdnsNSP.dll
Replies
10
Views
4K
Mikke
M
  • Article Article
Privacy and Security Verify Local Security Authority (LSA) Protection in Windows 11
Replies
0
Views
7K
Brink
Brink
Solved Local Security Authority
Replies
3
Views
2K
FreeBooter
FreeBooter
Solved Local security authority protection is off !
Replies
3
Views
6K
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom