The players of Valorant They have encountered an unusual requirement to continue entering the qualifying matches: update the motherboard BIOSWhat for many was a task that was postponed indefinitely has now become a technical requirement imposed by Riot Games to keep the most advanced cheaters at bay.
The company has confirmed the existence of a Critical vulnerability in motherboards from ASUS, Gigabyte, MSI and ASRock which allowed certain users to take advantage of devices Direct Memory Access (DMA) to evade the anti-cheat system VanguardUntil the firmware is fixed, some devices will see access to the game blocked with the error message. “VAN: Restriction”.
A BIOS flaw that opens the door to hardware traps
As Riot explained in a technical statement, the problem isn't so much with the game itself, but with the way in which Some motherboards initialize security at boot time.In several models from ASUS, Gigabyte, MSI, and ASRock, the pre-boot DMA protectionintegrated into the BIOS, it informed the operating system that it was activated when, in reality, The IOMMU (input/output memory management unit) was not initializing correctly in the first moments of ignition.
This behavior created a small but crucial "window" in which an attacker could inject code through a DMA device Before Vanguard and the operating system itself had all their security mechanisms in place, during those initial seconds, the system memory was exposed, allowing cheaters to gain access. load traps in a very privileged area of the hardware, far from the usual reach of anti-cheat software.
Riot describes it as a loophole that, had it not been detected, It could have effectively nullified the effectiveness of anti-cheating technologies across the entire industry.not just yours. The trick relies precisely on the system believing that DMA protection is working, when in reality the IOMMU isn't monitoring as it should.
In practice, this means that systems with the affected firmware could behave, in Vanguard's eyes, just like the equipment used by high-level cheaters, doing It is very difficult to distinguish between a legitimate player and one who exploits the vulnerability. if it is not corrected from the BIOS.
The affected brands and vulnerability codes
Riot's internal investigation ended up pointing to several motherboard families from the leading manufacturers in the market. ASUS, Gigabyte, MSI and ASRock They have already released specific BIOS/UEFI updates to fix the problem, which has also been logged with official security identifiers. CVE.
In the case of ASUSThe vulnerability has been categorized as CVE-2025-11901While Gigabyte It is collected as CVE-2025-14302 y MSI , the CVE-2025-14303. For ASRock The code has been assigned CVE-2025-14304These safety notices have been accompanied by new UEFI firmware versions which, according to the manufacturers, They correct faulty IOMMU initialization and strengthen pre-boot DMA protection.
For example, ASRock has reported that it already has Updated BIOS for your AMD 600, 700, and 800 seriesRiot Games and other manufacturers are encouraging their users in Europe and the rest of the world to check the lists of affected models on their official websites. Riot emphasizes that The firmware download should always be done from the official portalsThis is especially relevant in markets like Spain, where many users often rely on forums or third-party repositories for these types of tasks.
Beyond Valorant, the manufacturers themselves have warned that this flaw It is not limited to the world of video gamesSpecialized media outlets such as PC Gamer have pointed out that the vulnerability has broader security implications, since any system that relies on that DMA protection at boot time could potentially be exposed, whether or not it plays Riot's tactical shooter.
DMA and IOMMU: how the “under the hood” trap works
On a modern PC, the devices of Direct Memory Access (DMA) They allow data to be read and written to RAM without constantly going through the CPU. It's a legitimate technique that improves performance, but if poorly protected, it becomes a a very lucrative entry point for hardware cheating.
La IOMMU It is precisely there to bring order to all of this: it acts as a filter that decides which device can talk to which memory area. If that IOMMU doesn't start properlyThe filter leaves gaps, and a tampered DMA device can, in theory, read or modify game data in RAM without the operating system or anti-cheat detecting it in time.
Riot explains that This breach occurs before the operating system actually "knows" the security status of the computer.Vanguard relies on information provided by the firmware regarding the activation of DMA protection, so if the firmware reports a false security status, the anti-cheat system operates on a flawed premise. By the time the system is fully loaded, It can no longer guarantee 100% that malicious code has not been injected via DMA.
This type of attack is not within everyone's reach: it requires specific hardware and advanced knowledgeHowever, it is especially attractive to those who compete at levels where there are real money or major prizes at stakeThat's where so-called "hardware cheaters" come in, willing to invest in external devices to gain an advantage that is very difficult to track with more traditional techniques.
Riot talks about a real “arms race” against hardware cheatsIn this context, every improvement to the anti-cheat system forces cheaters to become more sophisticated, and vice versa. Closing the IOMMU vulnerability is not seen as a simple patch, but as a... change in the technical standard necessary to undermine the game.
Vanguard tightens controls: the message VAN:Restriction
As a result of this investigation, Riot has announced that Vanguard will implement stricter startup safety controls to players with potentially affected motherboards. When the system detects anomalous hardware behavior or statistical discrepancies reminiscent of a vulnerable device, the user will encounter an access block under the code “VAN: Restriction”.
This notice does not equate to a permanent account ban. This is a restriction conditional on the firmware statusThe player will be unable to launch Valorant while their motherboard remains vulnerable, but will be able to return to the game once they have updated their BIOS to the patched version. Riot insists that the goal is to prevent systems with this vulnerability from connecting to competitive servers.
The system VAN restrictions Riot not only evaluates the account, but also the hardware footprint of the device (the well-known HWIDIf Vanguard identifies that a PC's configuration resembles that of machines used to circumvent anti-cheat, it may activate this type of blocking and link the alert to both the user and the componentsIn the European ecosystem, where the game has a very large user base in Spain, France, and Germany, this translates into thousands of players forced to check the firmware.
In the company's own words, “BIOS updates aren’t as exciting as seeing ban numbers, but they’re a necessary step.”By closing the lagoon prior to the start, they assure, it will It neutralizes a whole class of traps that until now were almost untouchable. and the technical cost of cheating increases significantly.
For those who try to ignore the warning and proceed without updating, the scenario is clear: they will not be able to enter the gameRiot views these restrictions as a kind of temporary door that opens only when the user demonstrates, through a firmware update, that their system meets the new minimum security level.
Updating the BIOS: from forgotten task to essential requirement
The solution proposed by Riot inevitably involves something that many users, both in Spain and the rest of Europe, tend to avoid: update the motherboard BIOSAlthough manufacturers have greatly simplified the process today, it remains a delicate operation that should be done with some care.
The company recommends a very specific procedure: identify the exact model of the motherboard, go to the manufacturer's official website (ASUS, Gigabyte, MSI, ASRock), locate the firmware associated with the vulnerabilities mentioned and follow the instructions to the letterThis is not a simple program that you install and that's it; using the wrong file or interrupting the update can cause serious problems when starting your PC.
From the perspective of the average player, this measure may be inconvenient. Many Valorant users in Spain are accustomed to installing graphics drivers or Windows updates, but Touching the BIOS usually inspires a bit more respect.Riot, however, insists that it has already worked with manufacturers to minimize risks and that new firmware versions are ready precisely to cover this flaw.
The company also points out that It is not necessary to wait for the VAN:Restriction error to appear to take action. Any gamer with an ASUS, Gigabyte, MSI, or ASRock motherboard can proactively download and install the latest available BIOS to ensure that pre-boot DMA protection is working correctly from the very first second.
Ultimately, what's being asked of the community is a small change in mindset: to stop seeing the BIOS as something untouchable and start accepting that, just like games or the operating system are updated, The motherboard firmware is also part of the security chain that protects both the user and the competitive experience.
Impact beyond the game and debate about privacy
Another issue that has come to light with this measure concerns the true extent of the vulnerability. Warnings from manufacturers like ASUS make it clear that The bug exists even if the user doesn't play ValorantAny system that relies on that DMA protection at boot time could be a potential target for an attack with local access to the computer.
Therefore, although the demand for an update comes from Riot, BIOS patches are equally recommended for users who use their PC for sensitive professional or personal tasks.Ultimately, we're talking about a vulnerability that affects how hardware protects memory, a key aspect in environments where critical data or private information is handled.
At the same time, the decision to block access to the game until the firmware is updated reignites a long-standing debate surrounding Vanguard: To what extent should an anti-cheat system have influence over the user's hardware?For some gamers, the fact that a free game can influence BIOS settings is perceived as excessive interference.
Riot defends its position by alluding to the model free-to-playWith no economic barriers to entry, it's relatively easy for a banned cheater to return with another account or even another device. Strengthening the "technical floor," requiring the entire hardware ecosystem to meet certain minimum security requirements, is presented as the only way to make things really difficult for repeat offenders.
In Europe, where digital privacy concerns are particularly sensitive and heavily regulated, these kinds of measures are usually scrutinized closely. However, there is also a segment of the competitive community that He welcomes any move that reduces the number of cheaters.even if it requires taking certain additional equipment maintenance steps.
Riot's new policy presents Valorant players with a fairly clear reality: Having a good ping and a decent GPU is no longer enough.It now also tracks how the motherboard firmware boots and whether DMA protection works from the very first second. Updating the BIOS is no longer optional; it's become part of the "survival kit" for anyone who wants to stay competitive without problems, while also strengthening overall PC security against hardware vulnerabilities and other less visible risks.