Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority (LSA) Protection is off by removing the feature’s UI from settings.
LSA Protection helps defend Windows users against credential theft by preventing untrusted code from being injected into the LSASS.exe process to dump its memory or extract information.
Microsoft acknowledged a known issue causing persistent alerts asking for Windows restarts following a stream of reports mentioning “Local Security Authority protection is off. Your device may be vulnerable.” warnings even though LSA Protection was already enabled.
As the company revealed, the issue affects Windows 11 21H2 and 22H2 systems, and it was caused by a buggy Microsoft Defender Antivirus antimalware platform update.