- BIOS Restoration: AMD says it will reinstate Memory Guard, its Transparent Secure Memory Encryption option, for certain non-PRO Ryzen 9000-series desktop processors through July BIOS updates.
- Firmware Behavior: Newer AGESA-based motherboard firmware stopped exposing encrypted-memory capability on some consumer systems, while Ryzen PRO support remained available where supported in silicon.
- Owner Retest: Owners must wait for board-vendor BIOS files and verify support at the operating-system level before treating TSME as restored.
- Remaining Gap: AMD’s restoration promise addresses availability, but it still does not fully explain why the option disappeared from consumer firmware first.
[UPDATE 23.06.2026 – 17:11 CEST] This story has been updated to reflect AMD’s statement that it will reinstate Memory Guard/TSME for certain non-PRO Ryzen 9000-series desktop processors through a July BIOS release; earlier wording that framed the consumer loss as unresolved has been clarified.
AMD says it will reinstate Memory Guard, its Transparent Secure Memory Encryption (TSME) option, for certain non-PRO Ryzen 9000-series desktop processors through motherboard BIOS firmware updates in July 2026. The promise updates the earlier finding that newer AMD Generic Encapsulated Software Architecture firmware left some consumer systems without Transparent Secure Memory Encryption support, while Ryzen PRO processors remain covered by AMD’s existing Memory Guard support.
Transparent Secure Memory Encryption (TSME), AMD’s firmware-level memory-encryption mode, can encrypt RAM below the operating system before software loads. Firmware-level protection can reduce exposure from physical memory attacks, and AMD now says the BIOS option was previously available for certain non-PRO Ryzen 9000-series desktop processors, was removed in a recent update, and will be reinstated in an upcoming BIOS release.
AGESA Removal, July Restoration, and the Ryzen PRO Split
Earlier evidence came in April, when privacy-conscious Linux hobbyist Ben Kilpatrick saw the problem through an April Host Security ID output on a Ryzen 7 9700X system. Host Security ID, a Linux security-audit output, changed Encrypted RAM from “Encrypted” to “Not supported” even though TSME remained enabled in BIOS.
In the public AMDSEV issue, the test platform is a Ryzen 7 9700X, MSI MPG X870E EDGE TI WIFI motherboard, AGESA 1.3.0.0 BIOS, and Linux system where the Secure Memory Encryption hardware enable bit stayed at 0. Adding mem_encrypt=on did not activate the feature because the Linux kernel did not detect the capability, making the firmware menu a poor user-facing guarantee.
MSI testing then turned that user-side finding into a product-line split. Consumer Ryzen systems kept TSME under older firmware but lost TSME under AGESA 1.2.7.0, while PRO Ryzen parts continued to report support across the tested firmware paths.
One comparison returned tsme_status 0 for a consumer Ryzen 9800X3D and tsme_status 1 for a PRO Ryzen 9945 on the same Asus X870E motherboard and BIOS. The key change since those tests is that AMD now says it will restore the Memory Guard BIOS option for certain non-PRO Ryzen 9000-series desktop processors rather than leaving the missing capability as an unresolved consumer-versus-PRO outcome.
Windows users still face a practical visibility gap because Windows lacks a first-party detection path for the TSME flag. Many owners depend on firmware menus or Linux-level checks to know whether the protection is really active, and the same caution applies after a future board-vendor BIOS update restores the option.
What Memory Guard Protects, and What AMD Still Has Not Explained
TSME uses a single key generated by the AMD Secure Processor at boot and can encrypt system memory without operating-system involvement when BIOS enables it. Firmware-level encryption can reduce exposure from cold boot exploits, DRAM interface snooping, and memory module removal, but it does not make a compromised system safe or prove that every consumer Ryzen owner faces immediate risk.
AMD’s product positioning puts AMD Memory Guard on Ryzen PRO, Threadripper PRO, and Athlon PRO lines with OEM enablement. AMD’s new statement says support for Ryzen PRO desktop and mobile processors remains in place where supported in silicon, while certain non-PRO Ryzen 9000-series desktop processors will regain the BIOS option through the July release.
OEM enablement also means support can depend on the processor line and system vendor, not only on a visible firmware switch. For IT teams and security-conscious desktop owners, the current practical next step is to watch board-vendor BIOS releases and verify the OS-reported memory-encryption state after updating.
In 2020, AMD’s Tom Lendacky stated that a consumer Ryzen 3700X should support TSME, making the current consumer-versus-PRO behavior more than a single motherboard quirk and part of why users asked AMD for a clearer explanation.
Joe FitzPatrick, silicon-level security expert and analyst, focused on the explanation gap rather than treating the tests as a complete answer.
“But I really feel like an explanation should be in order, even if it was ‘TSME was never supposed to be supported. We did ship some firmwares that erroneously enabled it, but you shouldn’t use them since we can’t guarantee it’ll work properly.'”
Joe FitzPatrick, silicon-level security expert and analyst (via Ars Technica)
AMD senior principal software engineer Mario Limonciello later gave no extra detail, saying “My apologies, but I don’t have any more information to share on this topic.” AMD’s restoration promise answers the immediate availability problem for certain non-PRO Ryzen 9000-series desktop processors, but owners still need motherboard-vendor BIOS files in July and a post-update check before treating TSME as active again.
