“Protection by Local Security Authority” – Issues caused by KB5007651 in Windows 11 22H2

KB5007651 is the ongoing update for the Windows Security Platform.A few days ago a new version was distributed to the “Windows Security Service” version: 1.0.2302.21002-0.For some, this leads to problems under Windows Security -> Device Security

Going into the core isolation details may result in “Protection by Local Security Authority” being disabled.If you want to activate this function, you will receive a message that you should restart.After a restart, the function is enabled, but you still get the message that a device restart is required and the message: “Protection by the local security authority is disabled.Your device may be vulnerable”.

My Insider Dev version has the same module installed though.But the error doesn’t appear here.So there seems to be an interaction between this update and the security update KB5022845.There is currently nothing you can do here other than wait for an update of KB5007651.We had this problem before in September 2022.A look in the registry showed me that an entry is simply not set.

Under
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa
is the DWORD value (32-bit) RunAsPPL with the value 2 exists.But the second DWORD value (32-bit) is missing even after the restart RunAsPPLBoot with the value 2.

I set it up and after a reboot everything was fine.But those who are not so experienced should wait for an update from Microsoft for Windows security.The problem is not unique.On answer.microsoft and also here

Thanks to Daniel for the tip.

Windows 11 tutorials and help

×