Vanguard tightens boot security after motherboard IOMMU bug

Table of Content

Riot has identified a critical motherboard firmware flaw that undercuts boot-time protections and can let DMA-based cheats inject code before Windows and anti-cheat defenses load. In response, Vanguard will begin stricter enforcement for certain players in the near future. If your system matches the affected profile, you’ll see a VAN:Restriction prompt and be blocked from launching Valorant until security settings are enabled or your BIOS is updated. Major motherboard makers have issued firmware fixes after Riot shared its findings earlier this year.

What Riot found – the early-boot blind spot

During boot, components that load earlier have more privilege – and that includes firmware. Riot’s research shows that some vendor firmwares reported “Pre‑Boot DMA Protection” as enabled while failing to correctly initialize the IOMMU at the earliest stage. The result: the system appeared secured, but the IOMMU “bouncer” was asleep for a brief window when a sophisticated hardware cheat could access memory and hide before Vanguard or the OS could intervene.

Why this matters for DMA cheats

DMA (Direct Memory Access) devices can read system memory without going through the CPU or Windows. IOMMU isolates and gates that access, but only if it’s active from the first milliseconds of power‑on. The firmware misreporting undermined that guarantee, creating a narrow but exploitable path for hardware-assisted cheats.

How enforcement will work

• VAN:Restriction prompts will appear on affected systems, blocking Valorant until required protections are enabled or the motherboard BIOS is updated.
• Restrictions may be applied at the account or HWID level when Vanguard detects suspicious hardware behavior or statistical anomalies consistent with bypassed protections.
• Receiving a restriction does not automatically imply cheating – it indicates a configuration that resembles known evasion patterns.

Vendor advisories and identifiers

Hardware partners validated the issue and released BIOS updates to close the gap. Security references provided alongside the disclosure include:

• US-CERT: Case VU#382314
• Asus: CVE-2025-11901
• Gigabyte: CVE-2025-14302
• MSI: CVE-2025-14303
• ASRock: CVE-2025-14304

Read also our article: Star Wars Outlaws joins Game Pass – the scoundrel sandbox expands

These updates aim to ensure that when security features are enabled, they’re active immediately at power‑on, not only after the OS boots.

What players should do if restricted

If you receive a VAN:Restriction, follow the on-screen guidance to enable the required security features or update your motherboard firmware according to your manufacturer’s instructions. Riot notes this minimum baseline is essential to keep hardware cheats from remaining undetected.

Competitive implications

Riot is also evaluating a rollout of this requirement to the highest competitive tiers – Ascendant and above – to establish a consistent security baseline at the top of the ladder.

Bottom line – a pre‑boot loophole gets closed

By enforcing early-boot integrity and coordinating BIOS updates with major vendors, Riot targets an entire class of previously hard-to-detect DMA cheats. For players, the takeaway is simple: keep firmware current and core protections enabled – it reduces false flags and helps preserve fair play for everyone.