Local Security Authority protection functionality is enabled.
Topic
Protecting credentials
Applicable to
all
History
Dec 2023
Local Security Authority protection functionality is enabled.
The existing control relating to the use of Protective Process Light for the Local Security Authority Subsystem Service in Microsoft Windows was reworded to refer to Local Security Authority protection functionality instead.
Sep 2023
Protective Process Light for LSASS is enabled.
The existing control on implementing PPL for LSASS was amended to remove the requirement for an UEFI lock. Rather, organisations are encouraged to implement UEFI locks for security functionality such as PPL for LSASS, Windows Defender Credential Guard and Windows Defender Remote Credential guard where appropriate and supported by workstations.
Jun 2023
Protective Process Light for LSASS is enabled with a UEFI lock.
A new control was added covering the enablement of Protective Process Light for the Local Security Authority Subsystem Service (LSASS), with a Unified Extensible Firmware Interface (UEFI) lock, on Microsoft Windows devices in order to protect against credential dumping attacks.