Security News > 2023 > May > Microsoft pulls Defender update fixing Windows LSA Protection bug

Microsoft has pulled a recent Microsoft Defender update that was supposed to fix a known issue triggering persistent restart alerts and Windows Security warnings that Local Security Authority Protection is off.

Microsoft acknowledged the issue on March 21, after widespread user reports regarding Windows 11 systems warning that LSA protection was off.

A subsequent Microsoft Defender update issued weeks later replaced the LSA Protection feature's user interface setting with a new feature called Kernel-mode Hardware-enforced Stack Protection.

"LSA Protection has not been removed - it is still built in and on by default on Windows 11 machines. In the latest Windows Insider Preview, there was an update that changed the appearance of the user interface for this feature," Microsoft told BleepingComputer, mistakenly saying it was only in Windows 11 Insider builds when it was already available in Windows 11 22H2. One week later, on April 26, Redmond announced they fixed the LSA Protection UI issue this was just done by removing the setting in the KB5007651 Defender update to ensure that the confusing alerts would no longer be displayed in the Windows Settings app.

Today, Redmond revealed that it decided to stop pushing the KB5007651 Defender update due to blue screens or unexpected system restarts when gaming affecting Windows 11 systems where the Defender update was deployed.

Microsoft continues to confusingly discuss Kernel-mode Hardware-enforced Stack Protection in troubleshooting steps regarding LSA Protection.

News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-defender-update-fixing-windows-lsa-protection-bug/