RSS

AMD Pulls Memory Encryption from Ryzen CPUs

KAMSPioneer1 pts0 comments

AMD Pulls Memory Encryption From Ryzen CPUs - Technology Org

Search

-->

Science & technology news

Science & technology news

Menu

Science & technology news

Developments

Competitions

Ideas

Our articles

About

Submit

Science and Technology Spotlight News

Latest news

Space news

Physics news

Information processing news

Life Sciences News

Military news

Technologies news

-->

AMD Strips Ryzen Memory Encryption

AMD has quietly removed a security feature from its consumer Ryzen processors, and it never told customers. The protection, called Transparent Secure Memory Encryption (TSME), scrambles everything held in system memory so an attacker with physical access reads only noise. For years it worked on low-cost Ryzen chips. Then it stopped — silently, with no notice, and in a way Windows users had no simple way to catch. When asked, AMD confirmed only that TSME now belongs to its PRO line.

AMD AI microchip. Image credit: AMD

Key Takeaways

TSME, which encrypts all of system memory against physical attacks, no longer switches on for consumer Ryzen chips even when the BIOS enables it.

AMD made the change through firmware (AGESA 1.2.7.0) with no announcement, and confirms only that the feature is now reserved for PRO processors.

Engineers traced an internal flag, DfIsTsmeEnabled, reading FALSE on consumer parts and TRUE on PRO and EPYC parts, but AMD declined to say whether the limit is silicon or policy.

A Routine Security Check Started It

In April, Ben Kilpatrick, who calls himself a privacy-conscious Linux hobbyist, installed a fresh operating system on a machine running a Ryzen 7 9700X built on AMD’s Zen 5 architecture. He ran Host Security ID (HSI), a tool that audits firmware and hardware security settings, to confirm his protections were active.

One line stopped him. Encrypted RAM showed as not supported. The same tool’s log showed that TSME had previously read as encrypted. Kilpatrick had kept the option switched on in his BIOS the entire time.

MSI Tests Confirm the Pattern

Kilpatrick spent months chasing an answer. He pressed engineers at MSI, the maker of his motherboard, until they agreed to run tests.

They found that consumer Ryzen chips on MSI and Gigabyte boards kept TSME working under an older firmware delivered through AGESA, AMD’s firmware framework. Swap to a newer release, version 1.2.7.0, and TSME reported as not supported. PRO Ryzen chips kept the feature across both boards and both firmware versions.

MSI went further. On an Asus X870E board, the team set a consumer Ryzen 9800X3D against a PRO Ryzen 9945. Kilpatrick relayed the result: "They [MSI support personnel] also conducted controlled testing on an Asus X870E motherboard with a Ryzen 9800X3D (consumer) and a Ryzen 9945 (PRO), finding tsme_status = 1 on the PRO processor and tsme_status = 0 on the consumer processor with the same board and BIOS." A 1 meant the protection was on. A 0 meant off.

Then came a blunt message from MSI’s marketing side. "MSI’s product marketing team has informed me that AMD officially communicated to MSI that TSME is exclusively supported on PRO series processors," Kilpatrick wrote.

The deepest evidence came from the AMD Boot Loader, the AGESA component that prepares hardware before the operating system loads. An internal flag named DfIsTsmeEnabled controls whether TSME activates during firmware startup. MSI’s memory dumps showed it reading FALSE on the consumer chip and TRUE on the PRO part. As Kilpatrick put it: "Their BIOS engineer also provided ABL dump comparisons showing DfIsTsmeEnabled returning FALSE for the 9800X3D regardless of whether TSME is set to AUTO or ENABLED in BIOS, while the 9945 returns TRUE when TSME is ENABLED."

AMD’s Engineers Go Quiet

Kilpatrick filed a bug report on AMD’s public engineering GitHub. Two AMD engineers stepped in. Tom Lendacky, an AMD fellow software engineer, said he didn’t know what caused the change and suggested toggling the BIOS option off and back on. "If that doesn’t work, my guess would be that it is a BIOS issue and you would want to contact MSI," he wrote. Mario Limonciello, a senior principal software engineer who maintains the fwupd version of HSI, offered similar advice: "If it still doesn’t work; then yes please report it to your board vendor to debug," he said.

Once the MSI findings landed, Kilpatrick asked the question that counted. "is DfIsTsmeEnabled being set to FALSE on consumer SKUs a silicon-level limitation, or is it a firmware policy decision within AGESA? The distinction matters quite a bit from a user perspective, since one is fixed and the other is potentially changeable."

Limonciello closed the door. "My apologies; but I don’t have any more information to share on this topic." The thread ended there.

Kilpatrick spelled out why the answer matters. "The big outstanding question is whether this is a deliberate policy decision by AMD to restrict TSME to PRO chips, or an unintentional regression that was introduced...

ryzen news tsme consumer kilpatrick memory

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

German ruling declares Google liable for false answers in AI Overviews

ahlCVA15 ptsgoogle court search overviews content users
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.