AMD Quietly Removed a Key Security Feature
TL;DR: AMD has removed a memory encryption feature from its consumer CPUs without an announcement. The feature, TSME, protected devices from physical attacks; its removal potentially leaves sensitive data on laptops and PCs more vulnerable to theft.
Key facts
- Category: Cybersecurity
- Impact: High
- Published:
- Source: Ars Technica
Full summary
AMD quietly removed a key memory encryption feature from its consumer CPUs, weakening protection against physical data theft from laptops and PCs.
AMD has quietly removed a key hardware security feature from its recent consumer processors. The feature, called Transparent Secure Memory Encryption (TSME), is designed to protect a computer’s memory from physical attacks. It works by automatically encrypting all data stored in the system's RAM. This makes the information unreadable to an attacker who gains physical access to the memory chips, as in physical attacks such as cold boot attacks. For years, AMD included TSME in both its high-end and lower-end CPUs, making it a standard layer of defense. However, users discovered the feature was missing from newer consumer-grade chips without any official announcement or documentation from the company.
The unannounced removal of TSME has significant implications for security-conscious users and organizations. While the average home user may not face physical memory attacks, the risk is much higher for corporate laptops containing sensitive intellectual property or personal data. For IT and security teams, this change weakens the physical security of company-issued devices. It means a stolen or lost laptop is more vulnerable to sophisticated data extraction if the attacker can get to the hardware. This forces a re-evaluation of hardware procurement policies and risk assessments, as devices once considered secure may no longer meet an organization's standards for data protection.
This change highlights a growing distinction between consumer and enterprise-grade hardware. While TSME appears to have been removed from consumer product lines, similar memory encryption technologies remain a core feature of AMD's more expensive server and professional CPUs. The lack of communication from AMD is a primary source of frustration, as it prevents IT leaders and security professionals from making fully informed purchasing decisions. Organizations that rely on this level of hardware security must now be more diligent in verifying feature sets before deployment, potentially increasing costs and complexity.
Why it matters
The unannounced removal of a hardware security feature erodes trust and forces a re-evaluation of device security. It makes data on stolen laptops more vulnerable to sophisticated physical attacks that bypass standard software encryption.
Business impact
IT and security teams must reassess their hardware procurement strategies and risk models for employee devices. Companies may face higher costs if forced to buy more expensive enterprise-grade CPUs to maintain their required security posture.
Primary source: Ars Technica
