In a significant escalation of its ongoing battle against sophisticated cheaters, Riot Games has announced that players of its popular tactical shooter, Valorant, must update their motherboard firmware to continue playing. This unprecedented move stems from the discovery of a critical security flaw affecting major motherboard brands, which could allow hardware-based cheating devices to bypass the game's core security systems. The mandate highlights the increasingly complex and intrusive measures developers are taking to preserve competitive integrity in online gaming.
The Core Vulnerability: A Flaw in Pre-Boot Protection
The issue centers on a fundamental hardware security feature known as Pre-Boot DMA (Direct Memory Access) Protection. This feature, managed by a system's Input-Output Memory Management Unit (IOMMU), is designed to prevent unauthorized devices from accessing a computer's memory during the critical boot process before the operating system loads. Riot's Vanguard anti-cheat system relies on this protection being fully active to ensure no malicious code is injected via DMA attacks before it can start its own defenses. However, Riot's engineers discovered that firmware from several major motherboard manufacturers—including Asus, Gigabyte, MSI, and ASRock—incorrectly signaled to Windows that this protection was active when, in fact, the IOMMU was failing to initialize correctly. This created a window of vulnerability where expensive, hardware-based cheating devices could potentially compromise the system's integrity before Vanguard even had a chance to start.
Technical Summary of the Vulnerability:
- Feature: Pre-Boot DMA Protection (via IOMMU)
- Flaw: Motherboard UEFI/BIOS firmware incorrectly reports this protection as "active" to the operating system, while failing to initialize the IOMMU correctly during early boot.
- Result: Creates a window for DMA-based hardware cheating devices to potentially inject code before the OS and anti-cheat software are fully loaded.
- Riot's Action: Blocks Valorant launch (VAN: Restriction error) on systems without the patched firmware update.
Riot's Response: A Non-Negotiable Mandate for Players
In response to this discovery, Riot Games has taken a firm stance, effectively making the installation of patched motherboard BIOS/UEFI firmware a requirement to play Valorant. Players attempting to launch the game on an affected system without the necessary update will encounter a "VAN: Restriction" error, blocking their access. Riot has been coordinating with motherboard partners since identifying the flaw earlier in 2025, leading to the release of security advisories and updated firmware for the affected models. The company frames this not as an optional security enhancement but as a necessary step to maintain a baseline of security against well-funded cheating operations that utilize DMA hardware, arguing that BIOS updates, while less exciting than ban waves, are crucial in the technical arms race against cheat developers.
Affected Motherboard Brands and Security Advisories:
- Asus: Security Advisory (CVE-2025-11901)
- Gigabyte: Security Advisory (CVE‑2025‑14302)
- MSI: Security Advisory (CVE-2025-14303)
- ASRock: Security Advisory (CVE-2025-14304)
- General Case: VU382314
The Broader Implications and Community Concerns
This mandate has ignited a fresh debate around the trade-offs between security, convenience, and user autonomy in PC gaming. On one hand, it represents a proactive, if aggressive, measure to close a serious security hole that benefits all users, not just gamers. On the other, it forces a potentially risky procedure—updating system firmware—upon a vast user base simply to access a game. Firmware updates carry a small but non-zero risk of bricking a motherboard if interrupted or performed incorrectly, a prospect that makes many users understandably nervous. Furthermore, it reinforces criticisms of Vanguard as one of the most intrusive anti-cheat systems, now extending its reach deeper into the PC's hardware layer. While the vulnerability requires local physical access to exploit, making it a niche threat for most, Riot's decision underscores its zero-tolerance approach to potential cheat vectors, prioritizing competitive fairness above all else.
A Necessary Evil in the Fight Against Cheating?
As of December 2025, players are now faced with a practical choice: update their motherboard's BIOS or find another game. For the dedicated Valorant community, the path is clear, albeit frustrating. This event sets a notable precedent in the industry, demonstrating how far anti-cheat efforts may need to go to combat hardware-level threats. It also serves as a stark reminder for all PC users about the importance of firmware security, an area often overlooked until a critical flaw is exposed. Whether this move will be seen as a heavy-handed overreach or a justified and necessary security measure will likely depend on one's perspective, but its impact on the landscape of anti-cheat technology is undeniable.