AMD Quietly Removes Memory Encryption from Consumer CPUs
Original: Users cry foul after AMD stripped memory crypto from its consumer CPUs
Why This Matters
Represents potential security regression for consumer users and raises questions about undisclosed hardware capability removal practices.
AMD has silently removed TSME (Transparent Secure Memory Encryption) from consumer Ryzen CPUs without warning or public notice. The security feature, which encrypts memory to prevent physical attacks, was previously available on lower-end consumer chips but now appears only on professional Pro CPUs, detected through firmware updates.
AMD added TSME protection to its high-end CPUs over a decade ago to defend against cold boot attacks and physical exploits targeting memory. The feature encrypts entire memory contents, rendering stolen data useless to attackers. Over time, AMD extended TSME to consumer-grade Ryzen processors, which cost less than Pro versions. In April 2026, Linux user Ben Kilpatrick discovered the feature had been removed from his Ryzen 7 9700X CPU. Using Windows Host Security ID auditing tool, Kilpatrick found TSME was no longer supported, despite previously being enabled in BIOS. Investigation revealed the removal occurred through AGESA firmware version 1.2.7.0, which disabled TSME on consumer CPUs while maintaining it on Pro versions. The change was undetectable on Windows and required technical work to discover on Linux. AMD has not publicly explained the removal and declined to answer questions, only stating that TSME is "a security feature only applied to PRO CPUs as part of AMD PRO Technologies." This is the first explicit confirmation AMD has made restricting TSME to professional products.