Riot Games has publicly disclosed the existence of a newly identified and potentially dangerous security vulnerability embedded within a wide range of recently manufactured motherboard models. This flaw, according to the company, created an opportunity for malicious actors—specifically, cheat developers and users—to exploit hardware-level weaknesses in a way that would allow them to operate entirely undetected by conventional anti-cheat systems. In response to this revelation, several leading hardware manufacturers, including renowned industry names such as Asrock, Asus, Gigabyte, and MSI, have acted swiftly to address the problem by issuing new BIOS updates designed to close the vulnerability and restore full security integrity to affected systems.
In its detailed explanation, Riot emphasized that if this specific flaw had gone unnoticed for any significant length of time, it could have effectively undermined the entire foundation of current DMA (Direct Memory Access) detection and prevention technologies used throughout the gaming industry. The implications would have reached far beyond Riot’s own security frameworks, extending to virtually all major anti-cheat tools employed by other developers as well. The reason for this is that the class of cheats associated with the flaw operates within a highly privileged area of a computer’s architecture—a level of system access where traditional anti-cheat software rarely runs or monitors activity. In other words, cheaters could operate where the usual defensive measures virtually never reach, granting them a substantial advantage and rendering most security mechanisms useless.
As a direct consequence of this discovery, Riot has begun implementing stricter measures within its proprietary Vanguard anti-cheat system, which is used in its flagship title, *Valorant*. Players may now encounter prompts requiring them to update their motherboard’s BIOS to a patched version before they are permitted to launch or access the game. This new verification layer ensures that user systems are equipped with the necessary firmware updates to neutralize the vulnerability entirely. Industry observers also anticipate that other gaming companies, facing the same technical risk, might introduce similar update requirements or pre-boot security checks in the near future to safeguard their competitive ecosystems.
Riot’s internal research further revealed that the flaw could be exploited by specialized pieces of DMA-capable hardware that connect through a computer’s PCIe slots. These devices could theoretically circumvent IOMMU (Input-Output Memory Management Unit) protections, which are designed to act as a safeguard between hardware components and memory access. The problem arose because certain firmware configurations were not fully initializing these protective measures immediately after startup—even though diagnostic tools suggested that the protections were active. Riot’s team used a vivid analogy to describe the situation: the system’s security “bouncer” appeared to be awake and vigilant at the door, but in reality, had fallen asleep on duty, unknowingly allowing intruders to slip inside.
While the concept of a BIOS update might seem mundane when compared to the spectacle of public ban waves or visible enforcement actions, Riot argued that taking this preventive step is absolutely crucial in its ongoing technological arms race against sophisticated hardware-based cheating. By identifying and sealing this pre-boot vulnerability, the company believes it has effectively eliminated an entire category of cheats that once operated beyond reach. The implementation of these fixes not only strengthens the integrity of competitive gameplay but also greatly increases the time, effort, and cost required for cheat developers to continue their illicit endeavors, further reinforcing the broader principle of fair competition in modern gaming environments.
Sourse: https://www.theverge.com/news/847539/riot-games-motherboard-security-flaw-pc-cheaters-anti-cheat
