Sppsvc.exe Microsoft Software Protection Platform Service

[Manric Hock]

Thefirst 2 don't work and when I disable it with the 3rd method the cpu usage problem goes away, but a message is displayed in the corner of my screen in gray text saying "Activate Windows Go to Settings to activate Windows" that displays on top of everything else and never goes away. Is there anything I can do other than reinstalling Windows?

If you tried the regedit solution, make sure to get the Start value in

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sppsvc set to its previous value (2 instead of 4) so Windows and other Microsoft products can get back to normal.

In Compatibility tab find Compatibility mode.if the options in that window are grey, change settings for all users that can be found on the bottom side of you Properties windowand after that check the box ''Run this program in compatibility mode for:''And change compatibility mode to Windows Vista problem solved

Note:

This settings will remove your Microsoft software protection platform service, butit may make Activate Windows watermark. If you want to remove that follow these easy2 minute steps on this site: -to-buy-windows-10-and-activate-from.html

Any method to disable sppsvc will also deactivate all your microsoft products including windows. If you suspend the service, (you can do that with resource monitor. No need for a third party software) the high cpu problem will be resolved but MS Office will hang after a few minutes as it tries to do a validation request to the suspended service.

So here's the current situation, as of december 31st 2018 : Suspending the service is a good workaround if you need the CPU power for a game. Once you are done, you can re-enable it and use MS Office or anything else that doesnt need intense CPU process.

Microsoft Software Protection Platform Service (Sppsvc), a service in Task Manager, is a security service built in Windows in order to stop piracy and protect software tampering, which is implied by its name. The Sppsvc is responsible for downloading, installing and executing Windows digital licenses and applications.

Besides, it is helpful for initiating license. As Microsoft claims, software protection platform service performs well in how Microsoft software activates, validates online and runs when tampering or hacking is detected.

Though it has so many benefits, it has its shortcomings. One of the most frequently discussed points is the Microsoft Software Protection high CPU issue. In fact, high CPU usage issue on Windows OS is a very common one compared with other errors like computer keeps crashing, blue screen of death, black screen, etc.

You may encounter various high CPU usage cases such as state repository service high CPU, Wsappx high CPU, and so forth. How Microsoft Software Protection Platform Service high CPU is different from other high CPU cases?

The SPPSVC high CPU issue will occur under 2 circumstances. It can happen in a genuine Windows copy and a copy that is activated with third-party applications like KMS. You can click here to check if Windows 10 is genuine or not.

If you have the privilege of administrator, you can restart Microsoft software protection platform service to solve the Microsoft Software Protection high CPU issue. This method is pretty simple and convenient. You just need to follow these steps to do that.

The Sppsvc.exe may start consuming system resource because of the missing Windows updates. As it is known to all, outdated system drivers and software can cause various kinds of errors. So, updating your Windows is worth trying.

Step 2: Move to the right side of the window and click on Check for updates option. Then, you will see that Windows is checking for updates. Besides, if Windows finds any available updates, it will download and install it automatically.

The System Maintenance Troubleshooter is a Windows built-in utility, which can fix various Windows related issues. For instance, the Troubleshooter will help you solve errors such as printer offline, Ethernet not working, unidentified network, Canon printer not responding and so on.

Step 5: Now, the Troubleshooter will scan for errors on your operating system. It will tell you the errors and corresponding fixes if it finds any. You just need to follow the on-screen instruction to complete the operation.

If the SPPsvc high CPU usage issue disappears in safe mode, it indicates that the software clash with the service is the source of the error. And you need to take some measures to cope with it. For example, you can disable all the services in the Task Manager and then enable them one by one until the issue appears again. Then, you can remove or disable the service.

System File Checker (SFC) is also a utility that comes with Windows operating system (since Windows 98). It is widely used for scanning computer for corrupted system files. Here, you can also apply it to fix Microsoft Software Protection high CPU issue. For that.

If you use KMS software to activate Windows products and encounter the SPPsvc high CPU error, you should check if your KMS software is the latest version. If the high CPU issue still appears after you update the KMS activation and reboot the device, try disabling KMS or stopping the sppsvc.exe.

To do that, you can utilize MiniTool Partition Wizard. The Migrate OS to SSD/HD Wizard and Copy Disk feature can help you install a new copy of Windows with ease. You just need to plug a USB flash drive that contains a genuine Windows to your computer, and then follow the steps below.

Alternatively, you can also perform restore to bring your computer to a previous date to fix the high CPU issue. However, this will undo some changes that you made after the restore point creation time. Hence, you need to be cautious when making a decision.

I fixed Microsoft Software Protection Platform Service high CPU issue successfully with methods in this post. Are you still seeking solutions to that issue? Click here to get these methods now! Click to tweet

Read here, you may have an overall understanding of the Microsoft Software Protection Platform Service. More importantly, with the given methods, you will not be confused by Microsoft Software Protection Platform Service high CPU anymore.

Our tests showed that out of the Windows versions that we have "security adopted", we were only able to reproduce the vulnerability on Windows 10 v1803 and v1809, so these were the ones we wanted to create a micropatch for.

As seen on the above image, Microsoft has just added a check to see if the user-influenced value (size of TextData element) that caused memory corruption was greater than 0x1FFFFFFF. If so, it triggers an assertion and effectively crashes the process without trying to resolve the situation. This is a bit unusual as it implies that either (a) Microsoft found it extremely difficult to fix this issue at some root level, issue a JavaScript exception and keep the process running, or (b) they wanted to get this over with quickly because Internet Explorer is hardly supported anymore and MSHTML, while still being used by other applications such as Microsoft Word, is not a critical component for their most important customers.

Be it as it may, our micropatch does the same as looking for a better fix could take us down a rabbit hole for a long time. However, it also records an "Exploit Blocked" event to the local 0patch log so an attack will leave a trace.

And the video of our patch in action. Note that in contrast to a typical micropatch that prevents the process from crashing, this micropatch - doing exactly the same as Microsoft's fix - lets the process crash in a controlled, unexploitable way in case an overly long string is encountered.

Update 8/11/2021-B: Neither Microsoft's August fix nor our micropatch seem to have covered all PetitPotam affected code. Both fixed the anonymous attack vector but we're investigating additional authenticated paths now and looking for the best way to patch that too. The most effective PetitPotam mitigation currently remains this RPC filter on all Domain Controllers, although it may be an overly broad measure and could break something, so proceed with caution.

Update 6/27/2022: While Microsoft only fixed the anonymous attack vector, we decided to also address the authenticated attack vector. We therefore ported our patches for this issue to current versions of supported Windows platforms. Given that Microsoft does not plan to patch authenticated credentials relaying issues, these patches are now available only to PRO and Enterprise accounts.

Update 6/3/2024: It came to our attention that PetitPotam can also be exploited against Windows Workstations, not just Servers. We therefore issued patches for all security-adopted as well as still-supported Windows versions, which we'll keep porting to relevant DLLs as they get updated.

Wow, we're busy these days. Just yesterday we issued micropatches for the "Malicious Printer Driver" 0day, and today we're fixing a critical remote code execution issue that allows an anonymous attacker to take over a Windows Domain Controller: the infamous "PetitPotam" bug.

PetitPotam was discovered by security researcher topotam, who published their proof-of-concept on Github on July 20, 2021. There is no official vendor patch for it at the time of this writing; in fact, Microsoft's support article implies they do not consider this a vulnerability but rather a mis-configuration, and provides some generic mitigations that do not address the root issue.

As usually, CERT/CC vulnerability note by Will Dormann nicely explains the vulnerability and an exploit chain leading to a complete domain takeover. The main problem is that any user - even anonymous - can force a domain controller to send NTLM credentials of its computer account to attacker's server, where these can be received and then relayed to another service in the domain to make a malicious privileged request.

3a8082e126