AMD pushed a firmware update that disabled memory encryption on consumer Ryzen CPUs. No advisory. No changelog entry. No notification. The silicon on your chip is physically capable of doing it — AMD just told the firmware to stop. The feature worked for years across Zen 2, Zen 3, and Zen 4 consumer chips. Then AGESA 1.2.7.0 shipped, and AMD quietly disabled RAM encryption without a word.
AMD’s Ryzen Memory Encryption — What TSME Actually Did
The feature in question is Transparent Secure Memory Encryption (TSME) — AMD’s firmware-level RAM encryption. It uses a single key generated by the AMD Secure Processor at boot, encrypts everything in system memory, and does so completely transparently to the OS and applications. No performance penalty. No configuration required. It simply ran beneath the surface.
What TSME protected against is concrete. Cold-boot attacks exploit DRAM data remanence — RAM retains its charge briefly after power loss, long enough for an attacker with physical access to either pull the DIMMs and read them on another machine, or boot from a USB drive and image memory before data decays. Cooling the modules with compressed air or liquid nitrogen extends that window to several minutes. With TSME active, an attacker reads nothing but encrypted noise. Without it, any credential, encryption key, or session token sitting in RAM is readable.
This is not a theoretical scenario. It is precisely the attack journalists, activists, security researchers, and developers handling sensitive production credentials need protection against. TSME was that hardware-level protection — and AMD removed it from consumer Ryzen without a word.
How the Removal Was Discovered
Ben Kilpatrick, a privacy-focused Linux user, installed a fresh OS on a Ryzen 7 9700X in April 2026. He ran Host Security ID (HSI) — a Linux tool that audits firmware and hardware security configurations — and found a result that stopped him: “Encrypted RAM: Not Supported.” Previous HSI logs on the same machine had shown TSME as active and encrypted.
Kilpatrick spent months investigating. MSI engineers confirmed the change had not originated from the motherboard. The culprit was AMD’s AGESA firmware — specifically, AGESA 1.2.7.0 sets an internal flag, DfIsTsmeEnabled, to FALSE for consumer chips. The silicon remains capable. The flag tells it to stand down.
He filed a bug report on AMD’s public GitHub. AMD dismissed it. Moreover, Windows users have no easy way to detect any of this — the BIOS toggle may still display TSME as “enabled.” It does not function.
AMD’s Response: Silence, Then a Contradiction
When pressed, AMD’s official position was: TSME “is a security feature only applied to PRO CPUs as part of AMD PRO Technologies.” However, this directly contradicts AMD engineer Tom Lendacky’s 2020 on-record statement that consumer Ryzen chips “should support TSME.” AMD has reversed years of documentation and engineer guidance without any explanation.
When a follow-up question asked whether this was intentional or a regression, AMD engineer Mario Limonciello replied: “My apologies; but I don’t have any more information to share on this topic.” Security researcher Joe FitzPatrick put it plainly: “They could have not realized they did it… or they could have done it intentionally and tried to get away with it… But I really feel like an explanation should be in order.”
AMD separately claimed the removal reduces latency and power consumption. Independent benchmarks show TSME has negligible performance impact. The community is not persuaded.
Intel Has Not Done This
Intel ships Total Memory Encryption (TME) across its consumer and server chip lineup. It has been available on Intel consumer processors since Ice Lake (10th generation) and Intel has not restricted it to enterprise SKUs. Furthermore, Intel’s MKTME extension supports multiple independent keys, enabling per-VM memory isolation — a capability AMD reserves for EPYC server chips.
The contrast is difficult to explain away. AMD wants customers who need hardware memory encryption to buy Ryzen PRO. The consumer line now ships with a security capability physically present in silicon, deliberately locked out via firmware. Intel’s position makes AMD’s look like a calculated upsell, not a technical constraint. The Tom’s Hardware investigation confirmed identical silicon in consumer and Pro variants — the only difference is the firmware flag.
What to Do Now
On Linux, run fwupd-host-security-id and check for “Encrypted RAM” status. On Windows, detection requires third-party tools or booting a Linux environment — there is no native path. Additionally, check whether your current BIOS version predates AGESA 1.2.7.0; if so, verify TSME status before updating.
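The before-and-after check described above can be automated so a firmware update cannot silently change the result. The following is an added example, not code from the article or from fwupd: it assumes the JSON layout that fwupd's `fwupdmgr security --json` emits (a `SecurityAttributes` list with `AppstreamId` and `HsiResult` fields), and the function names and sample reports are constructed for illustration.

```python
import json

# HSI attribute fwupd uses for memory encryption (TSME on AMD, TME on Intel).
ENCRYPTED_RAM = "org.fwupd.hsi.EncryptedRam"

def hsi_results(report_json):
    """Map AppstreamId -> HsiResult from an HSI JSON report."""
    doc = json.loads(report_json)
    return {a["AppstreamId"]: a.get("HsiResult", "unknown")
            for a in doc.get("SecurityAttributes", [])}

def changes(before_json, after_json):
    """(attribute, old, new) for every result that differs or disappeared."""
    before, after = hsi_results(before_json), hsi_results(after_json)
    return [(k, old, after.get(k, "missing"))
            for k, old in sorted(before.items())
            if after.get(k, "missing") != old]

def ram_encryption_lost(before_json, after_json):
    """True when RAM was reported encrypted before and is not any more."""
    before, after = hsi_results(before_json), hsi_results(after_json)
    return (before.get(ENCRYPTED_RAM) == "encrypted"
            and after.get(ENCRYPTED_RAM) != "encrypted")

# Constructed sample reports (not captured from a real machine), trimmed to
# the two fields the comparison reads.
BEFORE = json.dumps({"SecurityAttributes": [
    {"AppstreamId": "org.fwupd.hsi.EncryptedRam", "HsiResult": "encrypted"},
    {"AppstreamId": "org.fwupd.hsi.Uefi.SecureBoot", "HsiResult": "enabled"},
]})
AFTER = json.dumps({"SecurityAttributes": [
    {"AppstreamId": "org.fwupd.hsi.EncryptedRam", "HsiResult": "not-supported"},
    {"AppstreamId": "org.fwupd.hsi.Uefi.SecureBoot", "HsiResult": "enabled"},
]})

if __name__ == "__main__":
    for attr, old, new in changes(BEFORE, AFTER):
        print(f"{attr}: {old} -> {new}")
    if ram_encryption_lost(BEFORE, AFTER):
        print("ALERT: memory encryption was active before this update")
```

Save one report before flashing a BIOS update and one after, then pass the contents of both files to `changes`.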
Rolling back AGESA firmware restores TSME but means forgoing security and stability patches in newer releases. Software-based full-disk encryption — BitLocker, LUKS, VeraCrypt — does not substitute. FDE protects data at rest on disk, but during runtime, keys and credentials sitting in active RAM remain unencrypted and exposed to cold-boot attack. The two protections are complementary, not interchangeable.
If hardware memory encryption is a firm requirement for your workload, the current options are Ryzen PRO series or Intel consumer chips. Consumer Ryzen after AGESA 1.2.7.0 does not provide it. AMD owes its users a straight answer. The feature worked. The silicon can still do it. They turned it off without saying so, and that is not acceptable regardless of the business reason behind it.













