Microsoft has announced that the latest Windows 11 build rolling out to Insiders in the Canary channel will enable Local Security Authority (LSA) protection by default.
It is vital to stay protected against the theft of sensitive information or login credentials by blocking untrusted code injection into the LSA process and blocking process memory dumping. As described by Microsoft in the Windows 11 Security app, it "helps protect user credentials by preventing unsigned drivers and plugins from loading into the Local Security Authority."
In other words, LSA protection acts as a gatekeeper to ensure that only authorized entities can gain access to critical information required for user authentication and system security.
"Starting with on upgrade, we will audit for a period of time to check for incompatibilities with LSA protection. If we do not detect any incompatibilities, we will automatically turn on LSA Protection," Microsoft's Amanda Langowski and Brandon LeBlanc said.