How to fix "LSA package is not signed as expected" event after updating to Windows 22H2?

Question

Issue: How to fix "LSA package is not signed as expected" event after updating to Windows 22H2?

Hello. I upgraded my computer to Windows 11 Pro 22H2 and now every time I reboot there are several errors “LSA package is not signed as expected.” How do I fix these errors?

Solved Answer

Local Security Authority (LSA)[1] is a Microsoft Windows-protected subsystem that is part of the Windows Client Authentication Architecture which authenticates and creates a logon Session to the Local Computer. In addition, LSA maintains information about all aspects of local security on a computer (these aspects are collectively known as the local security policy).

Recently, some users started experiencing multiple “LSA package is not signed as expected” events after updating to Windows 22H2. This seems to be a bug caused by Microsoft. It is unknown if they have released a fix, but you should still try updating your system to see if it fixes the issue.

If that does not work, you may have to enable LSA protection using the Registry Editor or disable Credential Guard.[2] It is a virtualization-based isolation technology for LSASS which prevents attackers from stealing credentials that could be used for passing the hash attacks. Of course, disabling it could put your system in danger, but it should get rid of the “LSA package is not signed as expected” error.

How to fix LSA package is not signed as expected event after updating to Windows 22H2

Manual troubleshooting can be a lengthy process. If you want to avoid it, you can use a maintenance tool like ReimageMac Washing Machine X9. It can fix most system errors, BSODs,[3] corrupted files, and registry[4] issues. Otherwise, follow the step-by-step instructions below.

Method 1. Update Windows

Fix it now! Fix it now!
To repair damaged system, you have to purchase the licensed version of Reimage Reimage.
  • Click Start on the taskbar
  • Select the Setting app pinned to the Start menu
  • Click Windows Update on the left side of Settings
  • Press the Check for updates button to download and install new patch updates

Update Windows

  • You can also install optional updates by going to the Advanced tab

Method 2. Enable LSA Protection using the Registry

Fix it now! Fix it now!
To repair damaged system, you have to purchase the licensed version of Reimage Reimage.
  • Open the Registry Editor, and navigate to the registry key that is located at: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  • Set the value of the registry key to:
  • “RunAsPPL”=dword:00000001 to configure the feature with a UEFI variable
  • “RunAsPPL”=dword:00000002 to configure the feature without a UEFI variable (only on Windows 11, 22H2)
  • Restart the computer
  • If the registry key RunAsPPL does not exist create it as a New DWORD (32-bit) Value and set the Hexadecimal value to 00000002

Enable LSA Protection using the Registry

Method 3. Enable LSA Protection using Group Policy

Fix it now! Fix it now!
To repair damaged system, you have to purchase the licensed version of Reimage Reimage.
  • Open the Group Policy Management Console (GPMC)
  • Create a new GPO that is linked at the domain level or that is linked to the organizational unit that contains your computer accounts. Or you can select a GPO that is already deployed.
  • Right-click the GPO, and then select Edit to open the Group Policy Management Editor
  • Expand Computer Configuration, expand Preferences, and then expand Windows Settings
  • Right-click Registry, point to New, and then select Registry Item
  • The New Registry Properties dialog box appears.
  • In the Hive list, select HKEY_LOCAL_MACHINE
  • In the Key Path list, browse to SYSTEM\CurrentControlSet\Control\Lsa
  • In the Value name box, type RunAsPPL
  • In the Value type box, select REG_DWORD
  • In the Value data box, type:

00000001 to enable LSA protection with a UEFI variable

00000002 to enable LSA protection without a UEFI variable (only enforced on Windows 11, 22H2)

  • Select OK

Method 4. Turn off Credential Guard

Fix it now! Fix it now!
To repair damaged system, you have to purchase the licensed version of Reimage Reimage.
  • Open the Registry Editor and go to the following location:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

  • Add a new DWORD value and name it LsaCfgFlags
  • To disable Windows Defender Credential Guard, set its value to 0

Turn off Credential Guard

  • Close Registry Editor and restart your computer

Repair your Errors automatically

ugetfix.com team is trying to do its best to help users find the best solutions for eliminating their errors. If you don't want to struggle with manual repair techniques, please use the automatic software. All recommended products have been tested and approved by our professionals. Tools that you can use to fix your error are listed bellow:

Offer
do it now!
Download Fix
  Happiness
Guarantee
do it now!
Download Fix
  Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
Still having problems?
If you failed to fix your error using Reimage, reach our support team for help. Please, let us know all details that you think we should know about your problem.
Reimage - a patented specialized Windows repair program. It will diagnose your damaged PC. It will scan all System Files, DLLs and Registry Keys that have been damaged by security threats.Reimage - a patented specialized Mac OS X repair program. It will diagnose your damaged computer. It will scan all System Files and Registry Keys that have been damaged by security threats.
This patented repair process uses a database of 25 million components that can replace any damaged or missing file on user's computer.
To repair damaged system, you have to purchase the licensed version of Reimage malware removal tool.

Protect your online privacy with a VPN client

A VPN is crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speeds. The best solution for your ultimate privacy is Private Internet Access – be anonymous and secure online.

 

Data recovery tools can prevent permanent file loss

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The problem solver

Ugnius Kiguolis is the founder and editor-in-chief of UGetFix. He is a professional security specialist and malware analyst who has been working in IT industry for over 20 years.

Contact Ugnius Kiguolis
About the company Esolutions

References

What you can add more about the problem: "How to fix "LSA package is not signed as expected" event after updating to Windows 22H2?"