After installing the Microsoft Defender update KB5007651(Version 1.0.2302.21002), released on March 14, 2023, some users have reported encountering a recurring error notification stating “Local Security protection is off. Your device may be vulnerable”. This error notification persists regardless of whether the Local Security Authority option is enabled or disabled.
Furthermore, when users click on the “Go to Settings” option, they are unable to find the Local Security Authority option. Instead, they may see a message such as “Page not available. The page you are trying to access has no supported features and is not available”.
While Microsoft released an update on May 16, 2023, for the Microsoft Defender Antivirus antimalware platform to address the “Local security protection is off” notification, it has since removed the KB5007651(Version 1.0.2303.27001) update due to other issues. As a result, there is currently no permanent solution for this problem until Microsoft releases another stable update.
However, addressing the missing Local Security Authority option requires modifying the relevant settings in the Registry Editor and the Local Group Policy Editor. It is recommended to make changes in both configurations. Please note that Windows Home users do not have the Local Group Policy Editor by default, so making registry changes alone should suffice in this case.
Here are the steps to modify the settings:
- Open the Run dialog by pressing the Windows key + R.
- Type “regedit” and press Enter to open the Registry Editor.
- Navigate to the following path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
- Look for the “RunAsPPL” entry. If it exists, double-click on it. If not, follow the next step.
- Right-click on the “Lsa” key, select “New”, and choose “DWORD(32-bit) Value”.
- Name the new value as “RunAsPPL” and double-click on it.
- Set the “Value data” to 2 and click OK.
- Repeat steps 5-7 for the “RunAsPPLBoot” value. Create it if it doesn’t already exist.
To modify settings using the Local Group Policy Editor:
- Open the Run dialog.
- Type “gpedit.msc” and press Enter to open the Local Group Policy Editor.
- Navigate to the following path: Computer Configuration > Administrative Templates > System > Local Security Authority.
- Double-click on “Configures LSASS to run as a protected process”.
- Check the “Enabled” option and set the drop-down box below it to “Enabled without UEFI Lock”.
- Restart your computer for the changes to take effect.
Conclusion
After applying these changes, you can dismiss the “Local Security protection is off” prompt and continue with your normal work without worrying about security vulnerabilities. It is important to install all future updates for the Microsoft Defender Antivirus antimalware platform as they become available to ensure the ongoing security of your system.
Experiencing difficulties with your Device, check out our “How To” page on how to resolve some of these issues.