Your Ryzen CPU previously encrypted your RAM, but a firmware update has quietly disabled that feature.

      TL;DRAMD has quietly disabled TSME memory encryption on consumer Ryzen CPUs via firmware, although the silicon still has the capability; AMD claims it is only for PRO CPUs.

      AMD has discreetly turned off a security feature on its consumer Ryzen processors that helped safeguard users from physical memory attacks. The Transparent Secure Memory Encryption (TSME) feature encrypted all data in RAM with a key that changed at each boot. When operational, it rendered cold boot attacks, snooping on the DRAM interface, and physical memory module removal ineffective because the data extracted was encrypted.

      TSME was functional on consumer Ryzen chips for several years. However, a firmware update quietly deactivated it, and AMD has not provided an explanation for the change.

      The issue was uncovered in April by Ben Kilpatrick, a privacy-oriented Linux user installing a new operating system on a Ryzen 7 9700X, part of AMD’s Zen 5 architecture. After running Host Security ID, a tool that assesses security configurations, he noticed that the encrypted RAM status switched from “Encrypted” to “Not supported” without any related BIOS update or system modification.

      Kilpatrick submitted a bug report to AMD’s public engineering GitHub repository. Two AMD engineers responded. Tom Lendacky, an AMD fellow software engineer, expressed ignorance about the reason for the change and suggested adjusting the BIOS settings. Mario Limonciello, an AMD principal technical staff member and maintainer of fwupd, provided the same advice.

      Neither recommendation was effective. Kilpatrick then escalated the issue to MSI, the maker of his motherboard, ultimately convincing their engineering team to conduct controlled tests.

      The results were clear. MSI tested both a consumer Ryzen 9800X3D and a Pro Ryzen 9945 on the same Asus X870E motherboard with the same BIOS. The Pro chip showed a TSME status of 1, indicating it was enabled, while the consumer chip showed 0.

      MSI’s BIOS engineers further examined memory captures from AMD’s Boot Loader, part of AMD’s Generic Encapsulated Software Architecture firmware that initializes hardware before the operating system boots. They discovered an internal AGESA flag called DfIsTsmeEnabled showed FALSE for the consumer processor, regardless of whether TSME was set to AUTO or ENABLED in the BIOS. In contrast, the flag showed TRUE for the Pro chip when TSME was enabled.

      The silicon in both processors is the same. The limitation is imposed entirely by firmware. The consumer Ryzen chip is physically capable of memory encryption but is instructed not to do so.

      When Kilpatrick reported these findings to AMD’s engineers on GitHub, he directly asked if the DfIsTsmeEnabled being FALSE on consumer chips was a limitation of the silicon or a firmware policy decision. Limonciello replied, “My apologies; but I don’t have any more information to share on this topic.” The conversation ended there.

      AMD declined to comment further to Ars Technica beyond stating that TSME “is a security feature only applied to PRO CPUs as part of AMD PRO Technologies.” This marks the first time the company has explicitly mentioned this limitation. While AMD has previously noted that the related feature Secure Memory Encryption is restricted to Pro and EPYC tiers, TSME had been in a more ambiguous category.

      This history complicates AMD’s stance. In a 2020 GitHub discussion on encryption features, Lendacky confirmed that a Ryzen 3700X, a consumer chip, “should support TSME.” In a 2025 follow-up in the same thread, he recommended using TSME on a clearly identified consumer processor.

      Chip-level security vulnerabilities have historically caught vendors by surprise, but this situation involves the withdrawal of a functioning feature rather than the discovery of a flaw.

      AMD never officially promoted TSME as available on consumer Ryzen chips. However, the feature functioned, was confirmed by AMD’s own engineers, and users built their security practices around it.

      This change occurred via a routine AGESA firmware update with no release notes, advisories, or any method for Windows users to detect it. On Linux, detection required using HSI or manually checking a specific hardware register.

      The practical implication is clear. Anyone using a consumer Ryzen processor who depended on TSME for protection against physical access attacks—such as journalists, activists, security researchers, or anyone handling sensitive data on laptops—has lost that protection without notification.

      The BIOS setting remains visible. It can still be toggled, but it no longer has any effect.

      Firmware-level security adjustments in processors are notoriously difficult for end users to identify, and chip manufacturers have typically been slow to communicate such changes. AMD’s lack of clarity on whether this was an intentional policy choice or an accidental regression leaves affected users unable to evaluate their risk.

      Joe Fitzgerald, a silicon-level security expert, remarked to Ars Technica that AMD owes its users a clear explanation, regardless of the reason behind the change. “They could have