How to Fix Missing Local Security Authority Option

After installing the Microsoft Defender update KB5007651 (Version 1.0.2302.21002), released on March 14, 2023, users are receiving the recurring error notification “Local Security protection is off. Your device may be vulnerable.” It happens regardless of whether this security feature is enabled or not.

Also, it comes with options to Go to Settings and when you click on it, you won’t find the Local Security Authority option. You will instead see something like “Page not available. The page you are trying to access has no supported features and is not available.”

Change Relevant Registry and Group Policy Settings

Microsoft actually released an update on May 16, 2023 for Microsoft Defender Antivirus antimalware platform that addresses the persistent “Local security protection is off” notification.

But Microsoft has already removed this KB5007651 (Version 1.0.2303.27001) update because of other issues that were present within. So, until Microsoft releases another stable update, there’s no permanent way to take care of this problem.

However, the missing Local Security Authority option is a different matter altogether. In the current version of Windows, Microsoft has already removed this security option from your settings. The only ways to enable it are through the Registry Editor or the Local Group Policy Editor.

It’s best to change the option in both configurations. But if you are a Windows Home user, your system won’t have the Local Group Policy Editor by default. Simply making the registry changes should be enough in this case.

1. Open Run by pressing Windows key + R.
2. Type regedit and press Enter to open the Registry Editor.
3. Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
4. Look for RunAsPPL. If you see it, double-click on it. If not,
   • Right-click on the Lsa key and select New > DWORD (32-bit) Value.
     
   • Name it as RunAsPPL and double-click on it.
5. Set the Value data to 2 and click OK.
   
6. Do the same for RunAsPPLBoot. You may also need to create it if it’s not there.
7. Open Run.
8. Type gpedit.msc and press Enter to open the Local Group Policy Editor.
9. Go to Computer Configuration > Administrative Templates > System > Local Security Authority.
10. Double-click on Configures LSASS to run as a protected process.
    
11. Check Enabled and then set the drop-down box below to Enabled without UEFI Lock.
    
12. Restart your computer.

After that, you can simply ignore the prompt to restart after dismissing the “Local Security protection is off. You can go through your normal work without worrying about any security vulnerabilities. But remember to install all future updates for Microsoft Defender Antivirus antimalware platform whenever they become available.