AMD disables RAM encryption on consumer Ryzen chips
AMD has quietly disabled Transparent Secure Memory Encryption (TSME) on consumer Ryzen processors through a firmware update, removing hardware-level RAM protection without warning. The feature, which automatically encrypts all data in system memory using a hardware-generated key, had been present on Zen-family CPUs since 2016. Its removal leaves consumer chips exposed to cold boot attacks and physical memory theft, while enterprise-focused PRO variants retain the protection.
A silent firmware change
The shift emerged in April 2026 when a privacy-focused Linux user discovered an “encrypted RAM: not supported” message during a security audit on a Ryzen 7 9700X system, despite TSME being enabled in BIOS. Controlled tests comparing a Ryzen 9800X3D and a Ryzen PRO 9945 showed the PRO chip initializing TSME while the consumer model did not. Analysis of AMD’s AGESA 1.2.7.0 firmware revealed an internal flag, DfIsTsmeEnabled, forcibly set to FALSE for all non-PRO SKUs regardless of user settings.
No clear explanation
AMD engineers have not provided substantive responses when queried about the change. In a brief interaction, engineer Mario Limonciello stated he had no additional information to share. The company’s only public statement now claims TSME is a PRO-only feature—a stance not previously communicated despite years of consumer use. The removal affects millions of desktop and laptop systems running recent AGESA versions, leaving users unaware of the reduced security posture.
Source: DEV Community. AI-assisted editorial synthesis — TechnoExpress.