Your motherboard may have told you DMA protection was on while it quietly wasn't — that's the heart of a UEFI flaw that anti-cheat researchers uncovered, and it's why some Valorant players are being told to update their BIOS. The vulnerability affects boards from ASRock, ASUS, GIGABYTE, and MSI: the firmware signaled that Pre-Boot DMA Protection was active, even though it had failed to initialize the IOMMU during early boot. The setting looked enabled; the protection wasn't there.
That gap is exactly what a sophisticated hardware cheat wants. Here's what the flaw is, why it matters beyond gaming, and what to actually do about it.
Quick reference: the UEFI DMA flaw
| Item | Detail |
|---|---|
| CVEs | CVE-2025-14302, CVE-2025-14303 |
| Affected vendors | ASRock, ASUS, GIGABYTE, MSI |
| Root cause | IOMMU not initialized despite "DMA protection on" |
| Risk | Early-boot DMA attack / hidden hardware cheat |
| Fix | Updated BIOS from your motherboard vendor |
What actually went wrong
IOMMU is the memory firewall that stops a DMA device from reading memory it shouldn't. On affected boards, the firmware reported Pre-Boot DMA Protection as fully active while it had actually failed to set up the IOMMU correctly in the early-boot window. So the system believed it was protected when it wasn't — and that window, before the OS and its defenses are fully up, is precisely when a hardware cheat or other malicious DMA device can get in, gain elevated privileges, and hide without raising alarms. Notably, the flaw was found by anti-cheat researchers at Riot Games, which is how it surfaced in the gaming world first.
Why this is bigger than cheating
A false "protected" signal isn't only a cheating problem. Early-boot DMA is a classic path for persistent, stealthy compromise — the kind of pre-boot foothold that's hard to detect because it lands before your security software does. That's the same threat model behind rootkits. Anti-cheat happened to be the tripwire here, but anyone on an affected board had a weaker security posture than their BIOS claimed.
How it connects to anti-cheat enforcement
Because the flaw undermines the hardware-trust baseline anti-cheats rely on, Riot responded on the enforcement side: Vanguard now blocks Valorant from launching on an affected system and shows a pop-up explaining what's needed. That's consistent with the direction we covered in why Vanguard wants you to update your motherboard — if the platform can't prove its DMA protection is genuinely active, the anti-cheat won't extend trust. It's the same logic as requiring IOMMU and VBS in the first place.
What to do about it
The fix is straightforward and legitimate: update your BIOS. Motherboard vendors have released firmware that corrects the IOMMU initialization sequence, so check your manufacturer's support page for the latest BIOS for your exact model and apply it. Updating your BIOS can change some Windows-reported identifiers, which we cover in does updating your BIOS change your HWID — but here it's the right move regardless, because you're closing a real security gap, not chasing a ban.
FAQ
Which motherboards are affected?
Boards from ASRock, ASUS, GIGABYTE, and MSI across multiple Intel and AMD chipset generations. Check your vendor's advisory for your model.
How do I know if I'm protected?
The catch is that the BIOS setting could read "enabled" while the protection wasn't active. The reliable fix is updating to the patched BIOS your vendor released.
Why does Valorant block me over this?
Vanguard relies on genuine hardware DMA protection. If your firmware can't guarantee it, Vanguard won't let the game launch until it's resolved.
Is updating my BIOS safe?
Following your manufacturer's official instructions for your exact model, yes. Don't lose power mid-update, and read the vendor's notes first.
The takeaway
This UEFI flaw is a reminder that a security setting reading "on" isn't the same as it working. Affected boards signaled DMA protection that wasn't actually initialized, opening an early-boot window for hidden hardware cheats — and worse. Anti-cheat caught it first, but the real fix benefits everyone: install the patched BIOS for your motherboard. When the firmware can be trusted again, so can everything built on top of it.