Is LSA no longer enabled by default?


Local time
5:55 AM
Posts
43
OS
Windows 11
So, I have recently installed new out of the box computers at work. After getting the latest Windows updates some of the problems that other people have described here have started. Broken Windows Security UI with Randomly dissapearing TPM and LSA warning messages.
What's the deal with LSA now? Should it be enabled by default even though the setting for turning it on is now missing from Windows Security?

Going to Event viewer to confirm if it's running or not and I find no instance of LSA running as a protected process.
I go to Windows logs -> System -> Filter -> Wininit and all I find are:
VBS Key Isolation and Credential guard. So what's the deal?
Kernel Mode Hardware Enfored Stack Protection got removed from Windows Security aswell as the option to enable LSA.
Should it be enabled by default?
 

My Computer

System One

  • OS
    Windows 11

My Computers

System One System Two

  • OS
    Win 11 Pro 24H2 26100.1150
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self Built
    CPU
    Intel® Core™ i7-14700F
    Motherboard
    ASUS TUF GAMING Z690-PLUS WIFI
    Memory
    G.SKILL Ripjaws S5 Series 64GB (2 x 32GB) DDR5
    Graphics Card(s)
    RTX 4070 Super OC 12 GB
    Sound Card
    Sound Blaster AE-5 Plus
    Monitor(s) Displays
    ASUS TUF Gaming 27" 2K HDR Gaming
    Screen Resolution
    2560 x 1440
    Hard Drives
    Samsung 990 Pro 1TB NVMe (Win 11)
    SK hynix P41 500GB NVMe (Win 10)
    SK hynix P41 2TB NVMe (x3)
    Crucial P3 Plus 4TB
    PSU
    Corsair RM850x Shift
    Case
    Antec Dark Phantom DP502 FLUX
    Cooling
    Noctua NH-U12A chromax.black + 7 Phantek T-30's
    Keyboard
    Logitech MK 320
    Mouse
    Razer Basilisk V3
    Internet Speed
    350Mbs
    Browser
    Firefox
    Antivirus
    Winows Security
    Other Info
    Windows 11 23H2 22631.3880
    On System One
  • Operating System
    Win 11 Pro 23H2 22631.3737
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self Built
    CPU
    Intel Core i7-11700F
    Motherboard
    Asus TUF Gaming Z590 Plus WiFi
    Memory
    64 GB DDR4
    Graphics card(s)
    EVGA GeForce RTX 3050 XC Black Gaming
    Sound Card
    SoundBlaster X-Fi Titanium
    Monitor(s) Displays
    Samsung F27T350
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 980 Pro 1TB
    Samsung 970 EVO Plus 2TB
    Samsung 870 EVO 500GB SSD
    PSU
    Corsair HX750
    Case
    Cougar MX330-G Window
    Cooling
    Hyper 212 EVO
    Internet Speed
    350Mbps
    Browser
    Firefox
    Antivirus
    Windows Security
Correction, looks like it's enabled by default now.
That’s the problem, because it’s not enabled by default. I see nothing about LSA in event viewer. I was going to verify that it was running as a secured process but I find nothing.

Have verified this on several new installations. Does Microsoft think that we should enable this in regedit?
 

My Computer

System One

  • OS
    Windows 11
You can check the status in settings / privacy and security / windows security / device security / core isolation and then click on core isolation details.

All my systems show LSA enabled.
 

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self-build
    CPU
    Intel I3-10100
    Motherboard
    MSI H410M-PRO
    Memory
    16 GB
    Graphics Card(s)
    Nvidia GT 1030
    Sound Card
    Motherboard default
    Monitor(s) Displays
    Philips 27 inch
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung EVO 970 NVMe SSD 256 Gb
    Samsung QVO 870 SATA SSD 2 Tb
    PSU
    ATX 450W
    Keyboard
    Logitech
    Mouse
    Logitech Wireless
    Internet Speed
    930 Mb down / 120 Mb up
    Browser
    Edge
    Antivirus
    Windows Defender
    Other Info
    Microsoft Office 2021 Plus
  • Operating System
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self-build
    CPU
    Intel i3-8100
    Motherboard
    Gigabyte Z370 D3
    Memory
    16 Gb
    Graphics card(s)
    Nvidia GT 720
    Sound Card
    Motherboard default
    Monitor(s) Displays
    Philips 27-inch
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 960 NVMe SSD 256 Gb
    Seagate 2 Tb HDD
    PSU
    ATX 450W
    Mouse
    Logitech Wireless
    Keyboard
    Microsoft
    Internet Speed
    930 Mb down / 120 Mb up
    Browser
    Edge
    Antivirus
    Windows Defender
You can check the status in settings / privacy and security / windows security / device security / core isolation and then click on core isolation details.

All my systems show LSA enabled.
Not on these new devices. LSA first got replaced with Kernel Mode Hardware Enforced Stack Protection, just to get replaced by LSA again, until recently when Microsoft removed the option enable LSA in the latest update.
More information here: LSA option missing completely

Did you manually enable LSA through regedit before?
 

My Computer

System One

  • OS
    Windows 11
Hello, just want to check in on this... I noticed that I don't have LSA enabled and when i press Core isolation it just gives me this ->
Lv7F5BZ.png


I tried to enable LSA protection Manually via syshardener but didn't work.
I have an i9 9900k, with windows 11 22h version.. should i be able to enable it? Why couldn't i? Why can't i see the page even?

Thanks in advance
 

My Computer

System One

  • OS
    windows 11

Latest Support Threads

Back
Top Bottom