AMD Will Restore TSME to Ryzen 9000 After Silent BIOS Removal

AMD has confirmed that Transparent Secure Memory Encryption will return to certain consumer Ryzen 9000 desktop processors after the security feature was quietly removed through a recent BIOS update. The company told Tom’s Hardware that motherboard manufacturers will receive an updated BIOS release in July 2026, restoring the option following what AMD described as valuable community feedback.

TSME, also marketed as AMD Memory Guard on Ryzen PRO systems, encrypts data stored inside system memory using a key generated by the processor. The key changes when the system restarts, helping protect sensitive information against cold boot attacks, physical memory removal, and other scenarios where an attacker has direct access to the machine. It is not a defense against normal remote malware attacks, but it remains valuable for privacy focused users, professionals handling confidential information, and systems exposed to possible theft or physical tampering.

The removal was discovered by Linux user Ben Kilpatrick while auditing a system equipped with a Ryzen 7 9700X and an MSI MPG X870E Edge TI WiFi motherboard. Although TSME remained enabled inside the BIOS, the operating system reported that encrypted memory was no longer supported. Kilpatrick documented the issue through AMD’s public GitHub repository, where initial troubleshooting failed to explain why the feature had stopped working.

MSI later tested consumer and Ryzen PRO processors across different BIOS versions and reportedly traced the behavior to AMD AGESA 1.2.7.0. Older firmware allowed compatible consumer processors to activate TSME, while newer firmware returned the feature as unsupported on non PRO models. Ryzen PRO processors continued to support the feature, suggesting that the underlying consumer silicon remained capable but was being restricted through firmware.

AMD did not announce the change in release notes, security advisories, or motherboard update documentation. This lack of communication became the larger source of criticism because users could install a routine BIOS update without realizing that a security capability had been removed. Windows users also had no simple way to identify the change, while Linux users needed security auditing tools or direct hardware checks to confirm whether encryption remained active.

"We take the security of our customers’ data very seriously."
— AMD.

AMD has now clarified that Memory Guard remains a foundational feature of Ryzen PRO desktop and mobile processors and will not be removed from that lineup. For certain non PRO Ryzen 9000 desktop processors, however, the company acknowledged that the BIOS option had previously been available before being removed in a recent update. The July BIOS release will reverse that decision, although AMD has not provided a complete list of every supported processor or explained why the feature was removed in the first place.

The incident highlights how much control modern firmware has over capabilities that physically exist inside a processor. AGESA code is distributed by AMD to motherboard manufacturers and forms a central part of CPU, memory, security, and platform initialization. This means a BIOS update can improve compatibility and performance, but it can also change security behavior without replacing any hardware.

The return of TSME will therefore depend on motherboard vendors integrating AMD’s new firmware into their own BIOS releases. Availability may vary between ASUS, MSI, GIGABYTE, ASRock, and other manufacturers, so users will need to check the support page for their specific motherboard once the July firmware begins rolling out. AMD’s decision also shows the importance of community testing. The change may have remained unnoticed much longer without Kilpatrick’s Linux security audit, MSI’s controlled testing, and the wider investigation that followed. Restoring the feature is the correct outcome, but the company still needs clearer communication whenever firmware changes affect capabilities users may rely on.

This was less about a catastrophic vulnerability and more about transparency. Most gaming desktops are unlikely to face a physical memory extraction attack, but silently removing an existing security feature creates uncertainty around platform trust. AMD responded quickly once the issue gained wider attention, and the July BIOS should correct the immediate problem. The next step should be stronger release documentation so users and motherboard partners understand exactly what changes when new AGESA firmware arrives.

Should CPU manufacturers be required to clearly disclose every security feature changed through BIOS updates, even when the risk mainly requires physical access?