Is LSA no longer enabled by default?


Yeahoww

Yeahoww

Member
Local time
6:55 AM
Posts
43
Visit site
OS
Windows 11
So, I have recently installed new out of the box computers at work. After getting the latest Windows updates some of the problems that other people have described here have started. Broken Windows Security UI with Randomly dissapearing TPM and LSA warning messages.
What's the deal with LSA now? Should it be enabled by default even though the setting for turning it on is now missing from Windows Security?

Going to Event viewer to confirm if it's running or not and I find no instance of LSA running as a protected process.
I go to Windows logs -> System -> Filter -> Wininit and all I find are:
VBS Key Isolation and Credential guard. So what's the deal?
Kernel Mode Hardware Enfored Stack Protection got removed from Windows Security aswell as the option to enable LSA.
Should it be enabled by default?
 

My Computer

System One

  • OS
    Windows 11

My Computers

System One System Two

  • OS
    Win 11 Pro 22H2 22621.2361
    Computer type
    PC/Desktop
    Manufacturer/Model
    Me Myself and I
    CPU
    Intel® Core™ i7-11700F
    Motherboard
    ASUS TUF GAMING Z590-PLUS WIFI
    Memory
    CORSAIR Vengeance LPX 64GB DDR4
    Graphics Card(s)
    EVGA GeForce RTX 3050 XC Black Gaming
    Sound Card
    Creative Labs PCIe Sound Blaster X-Fi Titanium (dan_k drivers)
    Monitor(s) Displays
    ASUS TUF Gaming 27" 2K HDR Gaming
    Screen Resolution
    2560 x 1440
    Hard Drives
    Samsung 980 Pro 500GB PCle 4.0 NVMe (boot)
    Samsung 970 EVO 1TB PCle 3.0 NVMe (x2)
    Samsung 870 EVO 2TB SATA III (x2)
    Samsung 870 EVO 250GB SATA III
    PSU
    Corsair RM850x Shift
    Case
    Antec Dark Phantom DP502 FLUX
    Cooling
    Noctua NH-U12A chromax.black + 7 Phantek T-30's
    Keyboard
    Logitech MK 320
    Mouse
    Razer Basilisk V3
    Internet Speed
    350Mbs
    Browser
    Firefox
    Antivirus
    Winows Security
    Other Info
    Windows 10 22H2 19045.3516
    On System One
  • Operating System
    Win 11 Pro 22H2 22621.2361
    Computer type
    PC/Desktop
    Manufacturer/Model
    Me Myself and I
    CPU
    Intel Core i7-8700
    Motherboard
    Asus Prime Z370 P-II
    Memory
    32 GB DDR4
    Graphics card(s)
    EVGA RTX 2060 KO Ultra Gaming
    Sound Card
    Creative Labs PCIe Sound Blaster X-Fi Titanium (dan_k drivers)
    Monitor(s) Displays
    Samsung F27T350
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 870 EVO 500GB SSD
    Seagate Barracuda 7200rpm 1TB HDD (X2)
    PSU
    Corsair HX750
    Case
    Antec Titan 550
    Cooling
    Hyper 212 EVO
    Internet Speed
    350Mbps
    Browser
    Firefox
    Antivirus
    Windows Security
    Other Info
    The 2 Barracudas were a RAID 0 in thier previous lives.
neemobeer said:
Correction, looks like it's enabled by default now.
Click to expand...
That’s the problem, because it’s not enabled by default. I see nothing about LSA in event viewer. I was going to verify that it was running as a secured process but I find nothing.

Have verified this on several new installations. Does Microsoft think that we should enable this in regedit?
 

My Computer

System One

  • OS
    Windows 11
You can check the status in settings / privacy and security / windows security / device security / core isolation and then click on core isolation details.

All my systems show LSA enabled.
 

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self-build
    CPU
    Intel I3-10100
    Motherboard
    MSI H410M-PRO
    Memory
    16 GB
    Graphics Card(s)
    Nvidia GT 1030
    Sound Card
    Motherboard default
    Monitor(s) Displays
    Philips 27 inch
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung EVO 970 NVMe SSD 256 Gb
    Samsung QVO 870 SATA SSD 2 Tb
    PSU
    ATX 450W
    Keyboard
    Logitech
    Mouse
    Logitech Wireless
    Internet Speed
    930 Mb down / 120 Mb up
    Browser
    Edge
    Antivirus
    Windows Defender
    Other Info
    Microsoft Office 2021 Plus
  • Operating System
    Windows 11 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self-build
    CPU
    Intel i3-8100
    Motherboard
    Gigabyte Z370 D3
    Memory
    16 Gb
    Graphics card(s)
    Nvidia GT 720
    Sound Card
    Motherboard default
    Monitor(s) Displays
    Philips 27-inch
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 960 NVMe SSD 256 Gb
    Seagate 2 Tb HDD
    PSU
    ATX 450W
    Mouse
    Logitech Wireless
    Keyboard
    Microsoft
    Internet Speed
    930 Mb down / 120 Mb up
    Browser
    Edge
    Antivirus
    Windows Defender
RFS said:
You can check the status in settings / privacy and security / windows security / device security / core isolation and then click on core isolation details.

All my systems show LSA enabled.
Click to expand...
Not on these new devices. LSA first got replaced with Kernel Mode Hardware Enforced Stack Protection, just to get replaced by LSA again, until recently when Microsoft removed the option enable LSA in the latest update.
More information here: LSA option missing completely

Did you manually enable LSA through regedit before?
 

My Computer

System One

  • OS
    Windows 11
You must log in or register to reply here.

Similar threads

LSA option missing completely
Replies
15
Views
7K
BlueNightSky
B
Note about Local Security Authority (LSA) Protection - yellow bam! issue
Replies
7
Views
2K
oldschool
oldschool
LSA Credential Guard Errors in Event Log
Replies
6
Views
8K
vis
V
Missing some advanced security options in Windows Security Center after Clean install from Win10 to Win11 Pro
Replies
6
Views
405
win11freak
W
BitLocker Script not working only on Windows 11. Works flawlessly on Windows10
Replies
7
Views
304
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom