Local Security Authority (LSA) is a feature now automatically turned on starting with Windows 11 22H2 with new installs of the system. LSA is a feature that is suppose to preview code injection that can compromise credentials. The library mdnsNSP.dll is regarded as an untrusted software.
This library comes with software such as bonjour which is typically packaged with iTunes and some older printer drivers.
Disable by using the registry
- Open the Registry Editor, or enter RegEdit.exe in the Run dialog, and then go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry key.
- Open the RunAsPPL value, and set its data value to 00000000. Or delete the RunAsPPL value.
- If the protected processes light (PPL) feature was enabled with a UEFI variable, use the Local Security Authority Protected Process Opt-out tool to remove the UEFI variable.
- Restart the computer.
Disable by using local policy on Windows 11 version 22H2 and later
- Open the Local Group Policy Editor by entering gpedit.msc in the Run dialog.
- Expand Computer Configuration > Administrative Templates > System > Local Security Authority.
- Open the Configures LSASS to run as a protected process policy.
- Set the policy to Enabled.
- Under Options, select Disabled.
- Select OK.
- Restart the computer.
Remove the LSA protection UEFI variable
You can use the Local Security Authority (LSA) Protected Process Opt-out tool from the Microsoft Download Center to delete the UEFI variable if the device is using Secure Boot.
Sources.