AMD Strips Memory Encryption From Ryzen CPUs

AMD quietly removed a security feature from its consumer Ryzen processors without telling customers. The protection, called Transparent Secure Memory Encryption (TSME), scrambles everything held in system memory so an attacker with physical access reads only noise. For years it worked on low-cost Ryzen chips. Then it stopped — silently, with no notice, and in a way Windows users had no simple way to catch.

Ars Technica's Dan Goodin reported on June 15, 2026 that AMD removed Transparent Secure Memory Encryption (TSME) from consumer Ryzen CPUs via the AGESA 1.2.7.0 firmware update.

The change was uncovered by a privacy-conscious Linux hobbyist named Ben Kilpatrick, who spent months running it down after fwupd's Host Security ID audit on a Ryzen 7 9700X showed "encrypted RAM: not supported." The same TSME feature still ships on AMD PRO Technologies enterprise chips and on EPYC server parts.

How a Linux User Uncovered the Silent Change

In April, Ben Kilpatrick, who calls himself a privacy-conscious Linux hobbyist, installed a fresh operating system on a machine running a Ryzen 7 9700X built on AMD's Zen 5 architecture. He ran Host Security ID (HSI), a tool that audits firmware and hardware security settings, to confirm his protections were active. One line stopped him. Encrypted RAM showed as not supported. The same tool's log showed that TSME had previously read as encrypted.

Kilpatrick spent months chasing an answer. He pressed engineers at MSI, the maker of his motherboard, until they agreed to run tests. They found that consumer Ryzen chips on MSI and Gigabyte boards kept TSME working under an older firmware delivered through AGESA, AMD's firmware framework. Swap to a newer release, version 1.2.7.0, and TSME reported as not supported. PRO Ryzen chips kept the feature across both boards and both firmware versions.

The feature's disappearance is completely undetectable on Windows machines and requires significant technical work to identify on Linux. That means the security feature was removed, leaving users unaware that anything had changed.

What TSME Protected Against

Transparent Secure Memory Encryption encrypts all data stored in RAM using a hardware-generated key that changes on every boot. When active, it renders cold boot attacks, DRAM interface snooping, and physical memory module removal useless because the extracted data is encrypted.

TSME runs under firmware. It encrypts all of RAM with no OS involvement, switches on silently once the BIOS enables it, and asks nothing of the user. That last trait made TSME the practical one. When active, it blocks physical attacks: cold boot exploits, snooping on the DRAM interface, and pulling a memory module to read it on another machine.

TSME protects against physical attacks, meaning scenarios in which someone has physical access to the machine or its memory hardware and attempts to extract secrets directly from RAM. The feature is more important for people carrying sensitive laptops, handling confidential work, relying on full-disk encryption, or operating in environments where seizure, theft, or hardware tampering is a realistic concern.

AMD Engineers Go Silent

Kilpatrick filed a bug report on AMD's public engineering GitHub repository. Two AMD engineers responded. Tom Lendacky, an AMD fellow software engineer, said he did not know what caused the change and suggested toggling the BIOS setting. Mario Limonciello, an AMD principal member of technical staff and maintainer of fwupd, the Linux firmware update utility, gave the same advice.

MSI's memory dumps showed the internal flag named DfIsTsmeEnabled reading FALSE on the consumer chip and TRUE on the PRO part.

The silicon in both processors is identical. The restriction is enforced entirely in firmware. The consumer Ryzen chip is physically capable of encrypting memory but is being told not to.

When Kilpatrick reported these findings back to AMD's engineers on GitHub, he asked directly whether DfIsTsmeEnabled being set to FALSE on consumer chips was a silicon limitation or a firmware policy decision. Limonciello replied: "My apologies; but I don't have any more information to share on this topic." The discussion ended there.

AMD's Official Position

AMD declined to answer questions from Ars Technica beyond a single statement: TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." This is the first known time the company has explicitly stated this restriction.

AMD never formally advertised TSME as available on consumer Ryzen chips. But the feature worked, AMD's own engineers confirmed it worked, and users built their security posture around it. The change arrived through a routine AGESA firmware update with no release note, no advisory, and no way for Windows users to detect it.

The history complicates AMD's position. In a 2020 GitHub discussion about encryption features on AMD processors, Lendacky confirmed that a Ryzen 3700X, a consumer chip, "should support TSME." In a 2025 follow-up in the same thread, he recommended using TSME on what was clearly a consumer processor.

Intel Ships Competing Technology Broadly

Intel, with its Intel Total Memory Encryption (TME), continues to offer protection across its entire consumer and server lineup.

Intel TME encrypts the entire physical memory of a system with a single encryption key. It addresses concerns with cold boot and physical attacks on the memory subsystem.

Rival Intel ships total memory encryption broadly across its modern chips, which makes AMD's PRO-only stance look like a deliberate nudge toward pricier hardware for security-minded buyers.

Bug or Business Decision?

This leaves the big question of whether AMD deliberately restricted TSME to its Pro chips, or whether the change was an accidental regression — a firmware bug introduced in that newer AGESA version.

Joe Fitzgerald, an expert in silicon-level security, told Ars Technica that AMD owes users an explanation regardless of the cause. "They could have not realized they did it leading to their cagey responses, or they could have done it intentionally and tried to get away with it," he said. Either way, the silicon is capable, the feature was working, and it was removed through firmware without notice.

The big outstanding question is whether this is a deliberate policy decision by AMD to restrict TSME to PRO chips, or an unintentional regression that was introduced in AGESA 1.2.7.0. If it is policy, AMD chose to remove a working feature from consumer hardware. If it is an accidental regression, it is a bug AMD should fix. Either way, the silicon can do it, the change arrived through AGESA, and AMD has not explained it.

What Changed This Week

AMD removed hardware-level memory encryption from consumer Ryzen processors through a firmware update with no public announcement. The change affects users who relied on TSME to protect against physical attacks on system memory. The feature remains active on Ryzen PRO and EPYC processors, creating a security divide between consumer and enterprise product lines. AMD has not clarified whether the removal was intentional product segmentation or an accidental firmware regression.

What to Watch

AMD has not issued a public explanation beyond confirming TSME is now PRO-only. Security researchers are monitoring whether the company will restore the feature, classify it as a bug, or formally acknowledge it as product segmentation. At the time of writing, AMD has not publicly explained the change or documented it in official AGESA release notes. Unless the company issues further clarification, TSME appears to be reserved exclusively for Ryzen PRO and EPYC platforms moving forward. Users concerned about hardware memory encryption now face a choice: stay on older AGESA firmware versions, upgrade to Ryzen PRO processors, or switch to Intel platforms that ship Total Memory Encryption across consumer lines.

Reporting based on coverage from Ars Technica, Tom's Hardware, TechPowerUp, The Next Web, Technology.org, June 15-18, 2026.