For most of its long life, League of Legends ran a relatively light anti-cheat. That changed when Riot extended Vanguard — the kernel-level system built for Valorant — to League as well.
What Vanguard is
Vanguard is Riot's own anti-cheat. Its component loads at system startup and runs at the kernel level, the most privileged layer of the operating system. That gives it deep visibility into the system, which is how it catches kernel-level cheats that ordinary anti-cheats cannot see.
Why bringing it to League was a big deal
League had run for well over a decade with a lighter approach. Adding a kernel anti-cheat that loads at boot to a game that old was a significant change, and it landed with an established player base that had never run such software for the game before. The reaction was mixed — some welcomed stronger enforcement, others were uneasy about a boot-time kernel driver.
System requirements changed
The Vanguard rollout brought new requirements on Windows 11: players needed TPM 2.0 and Secure Boot enabled. For some users that meant changing firmware settings they had never touched. This tied League, a famously accessible game, to the same hardware-security baseline as Valorant.
What it means for hardware identity
Like any kernel anti-cheat, Vanguard can read a broad set of identifiers, including firmware-level values such as the SMBIOS UUID — the values ordinary software cannot rewrite. Its arrival made League's enforcement firmware-aware in a way it had never been.
The takeaway
Vanguard coming to League is a clear example of an industry trend: kernel anti-cheat spreading from new competitive games into established ones. The practical points are concrete — a boot-time driver, TPM and Secure Boot requirements, and firmware-aware detection where there was none before.