Riot’s New Anti-Cheat May Strain Older PCs
▼ Summary
– Most competitive PC multiplayer games now use kernel-level anti-cheat software, which runs with elevated privileges to detect advanced cheating methods.
– This anti-cheat software increasingly requires Windows security features like Secure Boot, a TPM 2.0 module, and virtualization-based memory integrity.
– Riot Games is implementing a new BIOS update requirement for some players due to a discovered UEFI bug affecting certain motherboards.
– The bug allows a security feature that protects system memory during boot to be disabled, creating a window for hardware devices to access RAM and potentially cheat.
– The BIOS update will only be enforced for a restricted group of Valorant players whose systems resemble those used by cheaters to bypass security.
The landscape of competitive online gaming continues to evolve, with advanced kernel-level anti-cheat software becoming a standard requirement for many popular titles. These powerful security tools operate with deep system privileges, loading early in the boot process to detect sophisticated cheating methods. To function effectively, they increasingly rely on modern Windows security features, including Secure Boot, TPM 2.0 modules, and virtualization-based security. Riot Games, a pioneer in this arena with its Vanguard anti-cheat for games like Valorant and League of Legends, is now introducing a new prerequisite for some users: a mandatory BIOS update.
This requirement stems from the discovery of a significant UEFI firmware bug affecting the input-output memory management unit, or IOMMU, on certain motherboards from various manufacturers. The IOMMU plays a crucial role in safeguarding system memory during the boot sequence, preventing external hardware devices from directly accessing and potentially manipulating RAM. This protection is a key defense against hardware-based cheating exploits.
The specific vulnerabilities, identified as CVE-2025-11901, CVE-2025‑14302, CVE-2025-14303, and CVE-2025-14304, created a dangerous loophole. They allowed the pre-boot direct memory access (DMA) protection to be disabled, even when the BIOS settings indicated it was active. This opened a brief but critical window during system startup where DMA-capable devices could access memory, providing a potential pathway for determined cheaters to bypass security measures.
Given the highly technical and niche nature of this hardware-level exploit, Riot’s Vanguard will not enforce the BIOS update mandate across its entire player base. Instead, the requirement will initially target a specific subset of Valorant players. The company states it will apply to accounts placed under restriction, specifically those whose system configurations appear “too similar to cheaters who get around security features in order to become undetectable to Vanguard.” This targeted approach aims to address the highest-risk scenarios without broadly impacting all users.
For players with older or less common PC hardware, this development raises important considerations. BIOS updates can sometimes be complex or carry risks, and finding the correct firmware for an older motherboard may prove challenging. While the immediate impact is limited, it signals a future where maintaining fully updated system firmware could become essential for accessing the latest online games, potentially straining legacy systems that lack ongoing manufacturer support.
(Source: Ars Technica)
