Valorant has one of the most advanced anticheat programs in the gaming ecosystem, but it may not stay the same after potential changes to Microsoft’s own security system.
On Tuesday, Microsoft hosted a security summit to address the July 2024 Crowdstrike incident, which caused the blue screen of death across affected systems. The firewall software has kernel access to Windows, as does Vanguard, an anticheat that Valorant uses. Since the disaster, industry movers and shakers have called for the removal of the Windows kernel.
At the summit, Microsoft revealed that it’s considering “additional security capabilities outside of kernel mode” to prevent a Crowdstrike repeat. Would that possibility lead to an increase in Valorant cheaters?
Valorant’s anticheat effectiveness is expected to remain largely unchanged, as Microsoft’s efforts focus on enhancing protection outside of the kernel, rather than eliminating kernel-level access entirely.
Valorant’s anticheat system, Vanguard, utilizes kernel-mode drivers to access hardware at the lowes level, enabling it to monitor system activity even when the game is not running. This technology allows Vanguard to detect and filter out suspicious software, effectively reducing the number of cheaters in Valorant. Paired with Riot’s manual labor to detect and ban cheaters, Valorant has earned a name for having the best anticheat in the FPS genre.
However, with Microsoft’s latest announcement, a lot may change.
Microsoft has announced plans to migrate security service providers from kernel mode to user mode, aiming to maintain high-quality service without requiring deep system access. This shift is intended to prevent potential vulnerabilities like the Crowdstrike incident. While the Windows kernel remains operational for now, Microsoft is working on an alternative solution to eventually replace it.
With that change, Vanguard may not be able to detect cheaters as efficiently, as arbitrary code execution in kernel mode currently provides unrestricted access to system resources and allows certain programs to bypass security. Since Microsoft hasn’t specified the potential “security capabilities outside of kernel mode,” it’s tough to tell how effective the new system may be.
21+ and present in VA. Gambling Problem? Call 1-800-GAMBLER.
