Unable to Enable Core Isolation Memory Integrity due to Western Digital Driver (Windows 10 2004)

In case it helps anyone, I managed to resolve this (enable Memory Integrity and achieve "enhanced hardware security) on my own Windows 10 Pro version 2004 machine, and still use my WD passport drive

This is what I did (it’s possible some steps were unnecessary):

  1. Logged in to Windows as an administrator (normally I run as a Standard user), and connected all devices that were causing problems so that I could see them in Device Manager. Working out which devices are the culprits is of course the hard part, but it only required a bit of googling for the drivers listed in Settings > Windows Security > Device Security > Core isolation details. In my case the WD Drive Management drivers, a TV card driver and a Logitech keyboard settings app were responsible.

  2. In Device Manager, disable each of the problematic devices, then uninstall their drivers, selecting the option to remove all files and settings where this is offered. In Windows > Apps and Features uninstall any programs that were used to install the affected drivers (WD has none but the others did).

  3. Power down the PC. Unplug all the affected devices. Start the PC again.

  4. Return to the Core isolation details page. You should now be able to enable Memory Integrity. If not, check in your BIOS that virtualisation is enabled, in my case this was tricky to find, on the “Overclocking” page in a setting called “SVM”. Reboot the PC.

  5. I found that I could then plug in my WD Passport drive and re-enable the other devices and use them as normal. In other words, once Memory Integrity is enabled it seems to stay enabled, even though the WD SES device has reappeared in Device Manager.

The WD Security application still seems to run and offers to encrypt the drive but I haven’t tested that fully because the encryption is “totally useless” according to The Register so I prefer to use other tools for that anyway. https://www.theregister.com/2015/10/20/western_digital_bad_hard_drive_encryption/

This is pretty bad Western Technologies. Not only is your driver not up-to-date with the latest Microsoft Windows security features, it can be a pain to delete because it requires SYSTEM access. Talk about TechnocraticArrogance.sys at its worst.

Still getting this issue. Can WD resolve this please. Thanks

Hello! You may try to install Western Digital Technologies WD Security utility. Then You will be able to remove the WD SES Device wdcsam64.sys driver from Windows Device Manager.

finally figured it out. The key here is the tool PnPUtil. I used this post as a launching point.

I did not see a single other way to remove this out of date, useless, broken Western Digital Driver. Not sure if this solution will work for everyone; it worked for me and I’ve included my thought process.

Goal: Delete out of date/broken drivers which stop memory isolation from running.
Problem: Drivers aren’t being used, are not associated with any useable software, and can’t be traditionally uninstalled.

Process:

  1. Open up command prompt (CMD) as an administrator

  2. type in “pnputil /?” without the quotation marks and hit enter.
    2a. This will show you all the parameters and what they do. Helps a novice figure things out.

  3. type in “pnputil /enum-drivers” without the quotation marks and hit enter.
    3a. This shows all the third party drivers installed. Find the drivers and that correspond to the incompatible drivers from memory isolation. You can get more details by clicking on the incompatible driver in memory isolation.
    3b. Confirm the drivers match and jot down the details of the drivers

  4. type in “pnputil /enum-devices /connected” without the quotation marks and hit enter.
    4a. To make sure the incompatible drivers aren’t being used, go through all the devices and check if the incompatible driver is listed by “Driver Name.” This part was annoying but made me less worried about breaking something.

  5. After confirming you’re in the clear, type in “pnputil /delete-driver oem#.inf /uninstall /force /reboot” without the quotation marks and hit enter.
    5a. Substitute oem#.inf with whatever your driver is causing problems.
    5b. Do this for each driver, one at a time, changing oem#.inf to match as you go along
    5c. /uninstall makes sure the driver is uninstalled; /force makes sure the driver is deleted, not a problem for us since we made sure it wasn’t being used; /reboot will restart the computer if deleting the driver requires it.

That’s it! super easy, super simple, super straight forward. Glad PnPUtil exists. Afterwards, I restarted my computer to be safe then turned on memory isolation, no problem.

7 Likes

From everything I have been able to find, the WD SES device in Device Manager is not necessary and is now obsolete. You can remove the device by right clicking on it and uninstalling it. Be sure to check the remove/uninstall driver checkbox. Just to be safe, I copied the driver file to another folder in case I run into problems. Once I uninstalled the device and it’s drivers I was able to enable the memory integrity. Hope this helps.

BTW, I also have a support ticket in to Western Digital and am waiting for their reply.

Dear annoyed,

Sheer genius, lucidly explained. Thank you.

Should you ever find yourself in the middle of Brooklyn, name your favorite beverage. Meanwhile, cheers.

P.S. - the “/connected” business in Step 4 didn’t fly for me under Win 11 build 22000. But none of my zombie devices appeared in Device Mangler, so I just went ahead and uninstalled them.

1 Like

The SES driver can also be removed as follows. These steps are for Windows 10 and might be slightly different on Windows 11.

  1. Get the driver published name. The format of this name is oemXX.inf where XX is a number. You can find it in device manager info or you can run this Windows command:
    dism /image:c:\ /get-drivers
    and note the ‘published name’.

  2. Restart Windows to command prompt by going to Settings - Update&Security - Recovery - Restart now - troubleshoot - advanced options - command prompt
    The PC will restart and provide a command prompt. Then run the following command:
    dism /image:c:\ /remove-driver /driver:oemxx.inf
    where xx is the driver number found in step 1.

Note that after removing the driver, Windows will still offer to re-install it in Windows Update - View additional updates.

Using the WD SES driver increases the vulnerability of Windows PCs to malware infections since it blocks the Core Isolation feature of Windows Device Security to be enabled.
Core Isolation has been implemented in Windows 10 since April 2018. So almost four years ago. So why is the driver not updated yet?

WD considers security of the PCs of it’s users as a high priority. So you would expect the SES driver to have been updated already long ago.

Thank you, annoyed_user!
Worked like a charm to uninstall and remove two incompatible drivers flagged by Memory Integrity.

PS: in steps 3 and 4, I copied the results returned by pnpnutil in each step to the clipboard, pasted into a text document, and searched for the driver name.

Thanks again.

1 Like

This just (22 Mar 2022) became an issue (Win 11 Pro Eval on SurfaceBook1) and it REALLY IRKS ME!!! I see a monster corporation - two in collaboration, actually - pushing a software update on MILLIONS of subscription-paying users, that EXPOSES THEM TO HACKERS in a very unexpected way, and NOT remedying it themselves.

No! They push the remedy off to the MILLIONS OF UNSUSPECTING USERS who have now got a security warning, to each, individually spend some hours finding a solution, and setting it to rights on each individual computer.

I, for one, will make future choices of memory systems with the whole body of information available to me, including THIS!!

You monster companies KNOW this ■■■■ is happening, and that YOU caused it, but, do you push our a fix? Naah, that would take work. Let the users do the work, we have their money already,

1 Like

I’m ■■■■ annoyed myself! This is bloody irresponsible of both WD and MS!

Western Digital hasn’t fixed this yet? It has been at least two years since I first encountered it. What would it take to recertify the old driver again with microsoft? If you aren’t going to fix the WDCSAM driver error affecting Windows 11 Core Isolation, can we at least have the source code for the driver so that I can fix it for Win 11 requirements and send it to microsoft myself? Cmon, WD, maintain your products because seagate su…per!

Releasing a new product does not make you exempt from fixing previous releases! Everyone else’s drivers work. Also the NVME black drives are nice, and they get hot enough to cook an egg. Now I need some teeny tiny little eggs to cook on them. Remember the aluminum foil!!

Win 11 Core Isolation Failure due to WDCSAM driver incompatibility… Didn’t work in Win 10 either. Delete inf? Registry entry? Software pack? How to fix?Please help! This nagging windows error is unbearable!

Anoyyed_User above might be on to someting! I’ll try that.

This works! Eureka! I was able to remove “oem34.inf” in Step 5a from Windows 11. This was the only incompatible driver. I did need to return to Settings > Privacy & security > Windows security > Device security > Core isolation and click to turn it on, which instructed me to reboot again for it to take effect. And it did!

1 Like

Below is an article that explains step-by-step the work around when this issue does occur. Please see the following:

Windows 10 Version 2004 and Later: Memory Integrity Cannot be Enabled for Core Isolation in Windows Security

https://support-en.wd.com/app/answers/detailweb/a_id/29626/

Genio! Muchas gracias! Funcionó a la perfección.

Absolute Genius!
Thanks a lot mate!

It worked. The reboot was momentarily worrisome as it asked some new system setup questions, but nothing was lost. Was able to re-enable security features. Nice set of instructions above!

This worked under Windows 11, 9/7/2022.

Don’t forget to disconnect any WD USB external hard drives. Until I did that, the driver showed as “connected” in step 4. Once the USB drives were unplugged/powered down, the driver no longer showed as connected and step 5 worked per the instructions. I then enabled Core Isolation Memory Integrity, restarted the computer, and reconnected the USB drives which still worked fine and dandy.

Many thanks for the clearly written instructions.

I have the same problem, please provide the exact location (URL) of the updated drivers, that support the Windows 10 ‘Core Isolation / Memory Integrity’ security feature. .

.

Unless you have a very new drive, these supposed to be updated drivers are just not there. WD obviously does not see the need to provide updated drivers for drives of more than a few years old . I guess that it is because they expect that these older drives would have failed already.

I have several My Book drives and whenever I connect one of them to my PC, automatically the SES driver gets installed again by Windows. I keep on removing the driver in Device Manager and enabling Core Isolation memory integrity again each time after using the drive.

So much for the customer support of WD.

1 Like