A security feature that protects data sitting in RAM vanished from consumer AMD Ryzen chips after a recent platform firmware update, with no public notice and no on the record explanation from the company.
A built-in memory encryption feature disappeared from AMD's consumer Ryzen processors after a recent platform firmware update, according to Tom's Hardware, and AMD engineers have not answered press questions about the change.
Memory encryption is a CPU feature that scrambles data while it sits in RAM, so that physical access to the memory modules, or a cold-boot attack where someone briefly powers a machine off and pulls the DIMM, does not directly expose working data. It is transparent to the operating system and applications, and on most platforms it is enabled through a setting in the motherboard BIOS rather than in software. Its absence does not make a normal desktop insecure against remote attackers, but it does remove a layer of defense for laptops that get lost or stolen, for shared workstations in offices and labs, and for anyone whose threat model includes physical access to the machine.
The change reached consumer machines through AGESA, AMD's low-level platform initialization code that motherboard vendors package into BIOS updates. AGESA is the layer that decides which CPU features get exposed to the operating system at boot. When a motherboard maker ships a newer AGESA version, end users typically receive it as a BIOS update pushed through their motherboard vendor, not through Windows or AMD's own software. Most owners encounter AGESA only as a version string on the BIOS screen, which is exactly why a security-relevant change at that layer is hard for consumers to notice.
According to the Tom's Hardware report, the encryption feature stopped appearing on consumer Ryzen CPUs after newer AGESA firmware was released, and AMD engineers did not respond when pressed for an explanation. The publication's reporting did not surface an AMD statement, an entry in AMD's public AGESA changelog, or a coordinated security advisory explaining the removal. AMD has historically marketed memory encryption as a feature of its Epyc server and Threadripper Pro lines, where it is treated as an enterprise differentiator, which is one reason a quiet change at the consumer level drew attention.
Two things are unusual about this. First, security features on widely deployed platforms are normally downgraded through advisories that name the affected products and the reason, not through firmware updates that ship without notice. Second, when a publication asks a chipmaker why a security-relevant capability was removed and the company declines to answer, readers are left to guess at the cause, whether it was a bug fix, a design decision, or a tradeoff that the company has decided not to explain. Either way, the lack of an on-the-record explanation is itself the news.
The practical question for affected users is whether their own machine is running the newer firmware. Owners of consumer Ryzen desktops and laptops can check the AGESA version in their motherboard BIOS, or on many systems by reading the BIOS version reported in Windows System Information and looking up the matching AGESA string on their motherboard vendor's support page. Anyone who depends on the feature for their threat model, such as people who travel with sensitive data, researchers handling unpublished work, or small businesses whose insurance assumes in-CPU memory encryption, can hold the BIOS update, roll back to a previous version if their vendor still hosts one, or treat the machine as if the feature were absent and apply physical-security mitigations accordingly. Buyers considering a new consumer Ryzen system should ask their vendor or system integrator which AGESA version the board ships with.
What happens next depends on AMD. If the company publishes a clear statement explaining the change, naming the affected products, and stating whether the feature can be restored, the story becomes a footnote. If AMD continues to decline to answer, the silence will keep drawing the kind of attention that the original report already attracted, because security features are not supposed to disappear from consumer hardware without a paper trail.