Microsoft Defender update causes Windows Hardware Stack Protection mess


In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called ‘Kernel-mode Hardware-enforced Stack Protection,’ while removing the LSA protection feature. Unfortunately, Microsoft has not provided any documentation on this change, leading to more questions than answers.

Local Security Authority Protection, aka LSA Protection, is a security feature that protects sensitive information, like credentials, from being stolen by blocking untrusted code from being injected into the LSASS process and LSASS process memory dumping.

Read more…