Microsoft Windows Server | WI531019

Impact: Once enabled, your Windows device might persistently notify you that it is vulnerable, and a restart is required. Originating KB URL: N/A Originating Build: N/A Resolved KB URL: N/A Date Resolved: 2023-07-05T17:31:25.6516002-07:00 Vendor Message History: ======================= Published: 2023-04-25T21:42:57.553+00:00 ---------------------------------------- After installing "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (https://support.microsoft.com/help/5007651) (Version 1.0.2302.21002)", you might receive a security notification or warning stating that "Local Security protection is off. Your device may be vulnerable." and once protections are enabled, your Windows device might persistently prompt that a restart is required. Important: This issue affects only "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (https://support.microsoft.com/help/5007651) (Version 1.0.2302.21002)". All other Windows updates released on March 14, 2023 for affected platforms (KB5023706 (https://support.microsoft.com/help/5023706) and KB5023698 (https://support.microsoft.com/help/5023698)), do not cause this issue. Workaround: If you have enabled Local Security Authority (LSA) protection (https://learn.microsoft.com/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection) and have restarted your device at least once, you can dismiss warning notifications and ignore any additional notifications prompting for a restart. You can verify that LSA protection is enabled by looking in Event Viewer using the information available here (https://learn.microsoft.com/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection#verifying-lsa-protection). Important: Currently, we do not recommend any other workaround for this issue. Resolution: This issue was resolved in an update for Windows Security platform antimalware platform KB5007651 (https://support.microsoft.com/help/5007651) (Version 1.0.2306.10002). If you would like to install the update before it is installed automatically, you will need to check for updates (https://support.microsoft.com/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a). Affected platforms: - Client: Windows 11, version 22H2; Windows 11, version 21H2 - Server: None Published: 2023-03-21T18:37:38.413+00:00 ---------------------------------------- After installing "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (https://support.microsoft.com/help/5007651) (Version 1.0.2302.21002)", you might receive a security notification or warning stating that "Local Security protection is off. Your device may be vulnerable." and once protections are enabled, your Windows device might persistently prompt that a restart is required. Important: This issue affects only "Update for Microsoft Defender Antivirus antimalware platform - KB5007651 (https://support.microsoft.com/help/5007651) (Version 1.0.2302.21002)". All other Windows updates released on March 14, 2023 for affected platforms (KB5023706 (https://support.microsoft.com/help/5023706) and KB5023698 (https://support.microsoft.com/help/5023698)), do not cause this issue. Workaround: If you have enabled Local Security Authority (LSA) protection (https://learn.microsoft.com/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection) and have restarted your device at least once, you can dismiss warning notifications and ignore any additional notifications prompting for a restart. You can verify that LSA protection is enabled by looking in Event Viewer using the information available here (https://learn.microsoft.com/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection#verifying-lsa-protection). Important: Currently, we do not recommend any other workaround for this issue. Next steps: We are working on a resolution and will provide an update as soon as it is available. Affected platforms: - Client: Windows 11, version 22H2; Windows 11, version 21H2 - Server: None