Infra Watch

AMD Restores Ryzen Memory Encryption in July

AMD Restores Ryzen Memory Encryption in July

AMD has reversed a controversial decision to disable Transparent Secure Memory Encryption (TSME) on consumer Ryzen 9000 desktop processors, committing to reinstate the feature via a July BIOS update. The move follows sustained community pressure after users discovered that a firmware update incorporating AGESA 1.2.7.0 or later rendered TSME nonfunctional, even when enabled in the BIOS menu. The change sparked broader concerns about firmware transparency and hardware security accountability.

TSME encrypts all RAM contents using a boot-generated key without involving the operating system or introducing performance overhead. Its removal affected Ryzen 9000 non-PRO desktop users, leaving them vulnerable to cold boot attacks—a technique where an adversary freezes memory modules to extract data from active RAM. Engineers had previously confirmed TSME’s operation on consumer chips, but the firmware update effectively disabled the feature without public explanation or warning.

Related: Blink Outdoor 2K+ hits record low ahead of Prime Day

The issue stemmed from AGESA, a proprietary binary distributed by AMD to motherboard OEMs. This model allows security policy changes to be shipped through routine BIOS updates without mandatory changelogs, making the TSME removal invisible to most Windows users. Detection required Linux-specific tools like fwupdmgr security or dmesg commands, a level of technical expertise few typical users possess. They responded to bug reports with evasive answers, with senior engineers offering vague advice before closing the discussion.

Community backlash, including detailed analysis by hardware security researcher Joe FitzPatrick, forced AMD to reverse course. A June 20 statement confirmed the July restoration of TSME.

Related: Dragon Season 3 Premieres Tonight Amid Naval Crisis

For affected users, the interim period between the AGESA 1.2.7.0 rollout and the July patch created a documented gap in protection. Mitigations include physical access controls and reliance on software full-disk encryption like BitLocker, which protects data at rest but not active memory. The July update will restore TSME as a toggle.

AMD’s decision is seen as a positive step.

Related: Bezos bets on brain-like startup for AI power fix

Users will have to wait until July for the update. They will need to apply the BIOS update to restore TSME. The community will be watching to see how AMD handles future security updates.

Leave a Comment

Your email address will not be published. Required fields are marked *