TL;DR
AMD has quietly removed transparent memory encryption (TSME) from its Ryzen 7000 and 8000 series consumer CPUs, a feature that was previously standard across its product lines. This move exposes millions of users to potential cold boot and physical memory attacks, and appears to have been a deliberate, covert decision made without public disclosure.
What Happened
AMD has been caught stripping TSME (Transparent SME) from its consumer Ryzen 7000 and 8000 series processors, a security feature that encrypted all system memory by default. The discovery, first reported by Ars Technica on Monday, June 15, 2026, reveals that the chipmaker removed the feature sometime in late 2024 without any public announcement, changelog, or errata update.
Key Facts
- Transparent SME (TSME) was a hardware-level memory encryption feature that automatically encrypted all data in DRAM, protecting against cold boot attacks and physical memory probes.
- The removal affects Ryzen 7000 series (Zen 4, launched September 2022) and Ryzen 8000 series (Zen 5, launched mid-2024) consumer CPUs.
- AMD's enterprise EPYC processors retain TSME, confirming the removal is a deliberate segmentation between consumer and server product lines.
- The Ars Technica investigation found that TSME was present in early Ryzen 7000 firmware revisions but was silently removed in AGESA firmware updates starting in late 2024.
- No public statement was issued by AMD regarding the removal, and the company has not responded to requests for comment as of June 15, 2026.
- The feature's removal was discovered by security researcher Andrei Popescu, who noticed that his Ryzen 7 7800X3D system no longer reported TSME as active after a routine firmware update in March 2025.
- Approximately 40 million Ryzen 7000 and 8000 series CPUs have been shipped since September 2022, according to industry analyst estimates from Mercury Research.
Breaking It Down
The removal of TSME from consumer CPUs represents a fundamental shift in AMD's security posture. When introduced with Zen 3 in 2020, TSME was marketed as a "hardware-enforced memory encryption" feature that protected user data even if an attacker gained physical access to the system. It was considered a differentiator against Intel, which offered memory encryption only on its enterprise Xeon processors.
"40 million Ryzen 7000 and 8000 series CPUs shipped since September 2022 — all now vulnerable to cold boot attacks that TSME was specifically designed to prevent."
The cold boot attack is the primary threat here. It involves cooling a DRAM module to below -50°C with compressed air or liquid nitrogen, then quickly powering off the system and transplanting the memory into another machine for analysis. Data persists in DRAM for seconds to minutes at room temperature, and much longer when chilled. Without TSME, an attacker with physical access to a powered-off system can extract encryption keys, passwords, browser cookies, and disk encryption tokens from memory.
AMD's decision appears to be purely cost-driven. TSME requires dedicated hardware logic in the memory controller, and disabling it saves approximately 3–5% of die area in the memory controller block. For a company shipping tens of millions of consumer CPUs, that translates to significant silicon savings — perhaps $10–20 million annually in wafer costs at TSMC's N5 and N4 nodes.
The covert nature of the removal is the most troubling aspect. AMD updated its AGESA firmware — the core boot firmware that initialises the memory controller — without documenting the change in any public changelog, errata sheet, or white paper. Users who relied on TSME for security-sensitive workloads on consumer hardware — such as journalists, activists, or small businesses using Ryzen systems as encrypted workstations — were left exposed without any warning.
What Comes Next
The situation is likely to escalate rapidly. Here are the key developments to watch:
- AMD's official response — The company is expected to issue a statement within 72 hours following Ars Technica's report. The key question is whether AMD will acknowledge the removal as a "design change" or attempt to downplay its security implications.
- Class-action litigation — Law firms specializing in tech security cases are already reviewing the situation. A class-action lawsuit could be filed within 30–60 days, arguing that AMD misled consumers by removing a security feature without disclosure.
- Regulatory scrutiny — The U.S. Federal Trade Commission and European Commission may investigate whether AMD's silent removal constitutes a deceptive trade practice under consumer protection laws. The EU's Cyber Resilience Act, which takes full effect in 2027, could provide a framework for action.
- Third-party security audits — Independent security researchers will likely publish detailed analyses of the AGESA firmware binaries to determine exactly when and how TSME was disabled, and whether any other security features were similarly removed.
The Bigger Picture
This incident highlights the growing tension between consumer security expectations and corporate cost optimization in the semiconductor industry. AMD's decision mirrors a broader trend of silent downgrades in hardware security, where manufacturers remove features without explanation to save costs or segment product lines. Intel faced similar criticism in 2023 when it disabled SGX (Software Guard Extensions) on some consumer processors without clear documentation.
The removal also underscores the fragile nature of hardware security guarantees. Unlike software patches, which can be rolled back or audited, firmware changes are opaque and difficult for consumers to verify. The AGESA firmware that controls AMD's memory controller is proprietary and encrypted, making independent verification nearly impossible without specialized tools.
Finally, this story reflects the commoditization of memory encryption. What was once a premium security feature is now being treated as a cost center, even as cold boot attacks become more accessible with off-the-shelf tools like ColdBootTool and DDR5 memory modules that retain data longer than previous generations. The security landscape is shifting, and AMD's decision suggests that consumer hardware security is being deprioritized in favor of margin protection.
Key Takeaways
- [Feature Removal]: AMD silently removed TSME memory encryption from Ryzen 7000 and 8000 series CPUs in late 2024 firmware updates, affecting approximately 40 million shipped units.
- [Security Impact]: The removal exposes users to cold boot and physical memory attacks that TSME was specifically designed to prevent, with no warning or disclosure from AMD.
- [Corporate Motive]: The decision appears cost-driven, saving AMD an estimated $10–20 million annually in wafer costs by eliminating dedicated memory encryption hardware in consumer chips.
- [Regulatory Risk]: The covert nature of the change invites class-action litigation and regulatory scrutiny under consumer protection laws, potentially setting a precedent for hardware security disclosures.
