Abadlali be Ukuhlola Bahlangabezane nesidingo esingavamile sokuqhubeka nokungena emidlalweni yokuhlunga: buyekeza i-BIOS yebhodi lomamaOkwabaningi okwakuwumsebenzi owahlehliswa unomphela manje sekuyinto edingekayo yobuchwepheshe ebekwe yi- Imidlalo ye-Riot ukugcina abakhohlisi abathuthuke kakhulu bekude.
Le nkampani isiqinisekisile ukuthi kukhona Ubungozi obukhulu kumabhodi e-motherboard avela ku-ASUS, Gigabyte, MSI kanye ne-ASRock okwavumela abasebenzisi abathile ukuthi basebenzise amadivayisi Ukufinyelela Okuqondile Kwememori (i-DMA) ukugwema uhlelo lokulwa nokukhohlisa I-VanguardKuze kube yilapho i-firmware isilungisiwe, amanye amadivayisi azobona ukufinyelela kumdlalo kuvinjiwe ngomlayezo wephutha. “I-VAN: Umkhawulo”.
Iphutha le-BIOS elivula umnyango wezithiyo zehadiwe
Njengoba uRiot echaze esitatimendeni sobuchwepheshe, inkinga ayikho kakhulu ngomdlalo ngokwawo, kodwa ngendlela Amanye amabhodi omama aqala ukuphepha ngesikhathi sokuqalisa.Kumamodeli amaningana avela ku-ASUS, Gigabyte, MSI, kanye ne-ASRock, i- ukuvikelwa kwe-DMA ngaphambi kokuqalisaihlanganiswe ne-BIOS, yazisa uhlelo lokusebenza ukuthi luvuliwe lapho, empeleni, I-IOMMU (iyunithi yokuphatha imemori yokufaka/yokukhipha) yayingaqali kahle ezikhathini zokuqala zokusha.
Lokhu kuziphatha kwakha "ifasitela" elincane kodwa elibalulekile lapho umhlaseli angakwazi khona faka ikhodi ngedivayisi ye-DMA Ngaphambi kokuba i-Vanguard kanye nohlelo lokusebenza ngokwalo zibe nazo zonke izindlela zokuphepha endaweni yazo, phakathi naleyo mizuzwana yokuqala, inkumbulo yohlelo yayivezwa, okuvumela abakhohlisi ukuthi bathole ukufinyelela. izingibe zokulayisha endaweni enelungelo elikhulu lehadiwe, okungaphezu kakhulu kwalokho okuvamile kwesofthiwe yokulwa nokukhohlisa.
URiot uchaza lokhu njengesikhala sokuthi, ukube bekungatholakalanga, Bekungase kuqede ngempumelelo ukusebenza kobuchwepheshe bokulwa nokukhohlisa kulo lonke imboni.hhayi eyakho kuphela. Icebo lincike ngqo ohlelweni olukholelwa ukuthi ukuvikelwa kwe-DMA kuyasebenza, kanti empeleni i-IOMMU ayiqaphi njengoba kufanele.
Empeleni, lokhu kusho ukuthi izinhlelo ezine-firmware ethintekile zingaziphatha kahle, emehlweni eVanguard, njengemishini esetshenziswa abakhohlisi abasezingeni eliphezulu, zenza kanjalo. Kunzima kakhulu ukuhlukanisa phakathi komdlali osemthethweni nomuntu osebenzisa kabi ubuthakathaka. uma kungalungiswanga kusuka ku-BIOS.
Imikhiqizo ethintekile kanye namakhodi obuthakathaka
Uphenyo lwangaphakathi lukaRiot lugcine lukhomba imindeni eminingana yama-motherboard evela kubakhiqizi abaphambili emakethe. I-ASUS, i-Gigabyte, i-MSI kanye ne-ASRock Sebavele bakhiphe izibuyekezo ezithile ze-BIOS/UEFI ukuze kulungiswe inkinga, nayo efakwe ama-identifier okuphepha asemthethweni. I-CVE.
Endabeni ASUSUbuthakathaka buhlukaniswe ngokuthi I-CVE-2025-11901ngenkathi I-Gigabyte Iyakuthatha njenge I-CVE-2025-14302 y MSI njengoba I-CVE-2025-14303. Ngokuba ASRock Ikhodi inikezwe I-CVE-2025-14304Lezi zixwayiso zokuphepha zihambisane izinguqulo ezintsha ze-firmware ze-UEFI okuyinto, ngokusho kwabakhiqizi, Balungisa ukuqaliswa kwe-IOMMU okunephutha futhi baqinise ukuvikelwa kwe-DMA ngaphambi kokuqalisa.
Isibonelo, i-ASRock ibike ukuthi isivele inayo I-BIOS ebuyekeziwe yochungechunge lwakho lwe-AMD 600, 700, kanye ne-800I-Riot Games kanye nabanye abakhiqizi bakhuthaza abasebenzisi babo eYurophu nakwamanye amazwe ukuthi bahlole uhlu lwamamodeli athintekile kumawebhusayithi abo asemthethweni. I-Riot igcizelela lokho Ukulanda i-firmware kufanele kwenziwe njalo kusuka kuma-portal asemthethweniLokhu kubaluleke kakhulu ezimakethe ezifana neSpain, lapho abasebenzisi abaningi bevame ukuthembela kumaforamu noma ezindaweni zokugcina izinto zangaphandle ukuze benze lolu hlobo lwemisebenzi.
Ngaphandle kwe-Valorant, abakhiqizi ngokwabo baxwayise ngokuthi leli phutha Akugcini nje ezweni lemidlalo yevidiyoIziteshi zezindaba ezikhethekile njenge-PC Gamer ziveze ukuthi ubuthakathaka bunemiphumela ebanzi yokuphepha, njengoba noma yiluphi uhlelo oluthembele kulolo kuvikelwa kwe-DMA ngesikhathi sokuqalisa lungase luvezwe, kungakhathaliseki ukuthi ludlala i-Riot's tactical shooter noma cha.
I-DMA ne-IOMMU: indlela okusebenza ngayo ugibe “olungaphansi kwe-hood”
Ku-PC yesimanje, amadivayisi e- Ukufinyelela Okuqondile Kwememori (i-DMA) Zivumela idatha ukuthi ifundwe futhi ibhalwe ku-RAM ngaphandle kokudlula njalo ku-CPU. Kuyindlela esemthethweni ethuthukisa ukusebenza, kodwa uma ivikelwe kabi, iba yi- indawo yokungena enenzuzo kakhulu yokukopela ihadiwe.
La IOMMU Ilapho ngqo ukuze ihleleke konke lokhu: isebenza njengesihlungi esinquma ukuthi iyiphi idivayisi engakhuluma ngendawo yememori. Uma leyo IOMMU ingaqali kahleIsihlungi sishiya izikhala, futhi idivayisi ye-DMA ephazamisekile ingakwazi, ngokombono, ukufunda noma ukuguqula idatha yomdlalo ku-RAM ngaphandle kokuthi uhlelo lokusebenza noma i-anti-cheat ilubone ngesikhathi.
URiot uchaza lokho Lokhu kwephulwa kwenzeka ngaphambi kokuba uhlelo lokusebenza "lwazi" ngempela isimo sokuphepha sekhompyutha.I-Vanguard ithembele kulwazi olunikezwa yi-firmware mayelana nokusebenza kokuvikelwa kwe-DMA, ngakho-ke uma i-firmware ibika isimo sokuphepha esingamanga, uhlelo lokulwa nokukhohlisa lusebenza ngesisekelo esinamaphutha. Ngesikhathi uhlelo selulayishiwe ngokugcwele, Akusakwazi ukuqinisekisa ngo-100% ukuthi ikhodi enonya ayifakwanga nge-DMA.
Lolu hlobo lokuhlasela alufinyeleleki kuwo wonke umuntu: ludinga ihadiwe ethile kanye nolwazi oluthuthukisiweKodwa-ke, kuyakhanga kakhulu labo abancintisana emazingeni lapho kukhona khona imali yangempela noma imiklomelo emikhulu esengoziniYilapho-ke abantu ababizwa ngokuthi “abakhohlisi behadiwe” bengena khona, bezimisele ukutshala imali kumadivayisi angaphandle ukuze bathole inzuzo okunzima kakhulu ukuyilandela ngamasu avamile.
URiot ukhuluma ngeqiniso "umjaho wezingalo" ngokumelene namaqhinga e-hardwareKulesi simo, konke ukuthuthuka ohlelweni lokulwa nokukhohlisa kuphoqa abakhohlisi ukuba babe nobuchule kakhulu, futhi okuphambene nalokho. Ukuvala ubuthakathaka be-IOMMU akubonwa njengento elula, kodwa... ushintsho endinganisweni yobuchwepheshe okudingekayo ukuze kuphazamiseke umdlalo.
I-Vanguard iqinisa izilawuli: umlayezo we-VAN:Restriction
Ngenxa yalolu phenyo, uRiot umemezele ukuthi I-Vanguard izosebenzisa izilawuli zokuphepha eziqinile zenkampani eqalayo kubadlali abanamabhodi e-motherboard angase athinteke. Uma uhlelo luthola ukuziphatha okungavamile kwehadiwe noma ukungafani kwezibalo okufana nedivayisi esengozini, umsebenzisi uzohlangana nebhulokhi yokufinyelela ngaphansi kwekhodi “I-VAN: Umkhawulo”.
Lesi saziso asifani nokuvinjelwa kwe-akhawunti unomphela. Lokhu kungumkhawulo oncike esimweni se-firmwareUmdlali ngeke akwazi ukuqalisa i-Valorant ngenkathi ibhodi lakhe lomama lisasengozini, kodwa uzokwazi ukubuyela emdlalweni uma esebuyekeze i-BIOS yakhe enguqulweni elungisiwe. URiot ugcizelela ukuthi umgomo ukuvimbela izinhlelo ezinalobu buthakathaka ukuthi zixhumeke kumaseva ancintisanayo.
Uhlelo lwe Imikhawulo ye-VAN I-Riot ayihloli nje kuphela i-akhawunti, kodwa futhi nomkhawulo wehadiwe wedivayisi (eyaziwa kakhulu HWIDUma i-Vanguard ibona ukuthi ukucushwa kwe-PC kufana nokwemishini esetshenziselwa ukugwema ukukopela, ingase isebenzise lolu hlobo lokuvimba kanye xhumanisa isexwayiso kokubili kumsebenzisi kanye nezingxenyeEmvelweni yaseYurophu, lapho umdlalo unesizinda esikhulu sabasebenzisi eSpain, eFrance naseJalimane, lokhu kuhunyushwa kube izinkulungwane zabadlali abaphoqelekile ukuhlola i-firmware.
Ngamazwi enkampani uqobo, "Izibuyekezo ze-BIOS azijabulisi njengokubona izinombolo zokuvinjelwa, kodwa ziyisinyathelo esidingekayo."Ngokuvala ichibi ngaphambi kokuqala, bayaqinisekisa ukuthi kuzokwenzeka Kuqeda lonke uhlobo lwezingibe ezazicishe zingathintwa kuze kube manje. futhi izindleko zobuchwepheshe zokukopela zikhuphuka kakhulu.
Kulabo abazama ukungasinaki lesi sixwayiso futhi baqhubeke ngaphandle kokubuyekeza, isimo sicacile: ngeke bakwazi ukungena emdlalweniI-Riot ibheka le mikhawulo njengohlobo lomnyango wesikhashana ovuleka kuphela lapho umsebenzisi ebonisa, ngesibuyekezo se-firmware, ukuthi uhlelo lwabo luhlangabezana nezinga elisha lokuphepha eliphansi.
Ukuvuselela i-BIOS: kusukela emsebenzini okhohliwe kuya kwemfuneko ebalulekile
Isixazululo esiphakanyiswe yiRiot ngokungenakugwenywa sihilela into abasebenzisi abaningi, kokubili eSpain nakwamanye amazwe aseYurophu, abavame ukuyigwema: buyekeza i-BIOS yebhodi lomamaNakuba abakhiqizi benze inqubo yaba lula kakhulu namuhla, kuseyinqubo ebucayi okufanele yenziwe ngokucophelela.
Le nkampani itusa inqubo eqondile kakhulu: thola imodeli eqondile yebhodi lomama, iya kuwebhusayithi esemthethweni yomkhiqizi (i-ASUS, i-Gigabyte, i-MSI, i-ASRock), thola i-firmware ehlobene nobuthakathaka obushiwo kanye Landela imiyalelo kuze kube yile ncwadiLolu akulona uhlelo olulula olufakayo futhi yilokho kuphela; ukusebenzisa ifayela elingalungile noma ukuphazamisa isibuyekezo kungabangela izinkinga ezinkulu lapho uqala i-PC yakho.
Ngokombono womdlali ojwayelekile, lesi sinyathelo singase singabi sihle. Abasebenzisi abaningi be-Valorant eSpain bajwayele ukufaka abashayeli bezithombe noma izibuyekezo ze-Windows, kodwa Ukuthinta i-BIOS kuvame ukukuhloniphisa kakhulu.Nokho, iRiot igcizelela ukuthi isivele isebenzisane nabakhiqizi ukunciphisa izingozi nokuthi izinguqulo ezintsha ze-firmware zikulungele ukumboza leli phutha.
Le nkampani iphinde iveze ukuthi Akudingeki ukulinda ukuthi kuvele iphutha le-VAN:Restriction ukuthatha isinyathelo. Noma yimuphi umdlali wegeyimu onebhodi lomama le-ASUS, Gigabyte, MSI, noma i-ASRock angalanda futhi afake i-BIOS yakamuva etholakalayo ukuqinisekisa ukuthi ukuvikelwa kwe-DMA ngaphambi kokuqalisa kusebenza kahle kusukela kumzuzwana wokuqala.
Ekugcineni, okucelwa umphakathi ushintsho oluncane endleleni yokucabanga: ukuyeka ukubona i-BIOS njengento engathinteki bese uqala ukwamukela lokho, njengoba nje imidlalo noma uhlelo lokusebenza lubuyekezwa, I-firmware yebhodi lomama nayo iyingxenye yochungechunge lokuphepha okuvikela kokubili umsebenzisi kanye nokuhlangenwe nakho kokuncintisana.
Umthelela ngale komdlalo kanye nempikiswano mayelana nobumfihlo
Enye inkinga eye yavela ngalesi silinganiso iphathelene nobukhulu bangempela bobuthakathaka. Izexwayiso ezivela kubakhiqizi abanjengo-ASUS zikwenza kucace ukuthi Iphutha likhona noma umsebenzisi engadlali i-ValorantNoma yiluphi uhlelo oluthembele kulolo kuvikelwa kwe-DMA ngesikhathi sokuqalisa lungaba yisisulu esingaba khona sokuhlaselwa ngokufinyelela kwendawo kwikhompyutha.
Ngakho-ke, yize isidingo sokuvuselelwa sivela ku-Riot, Ama-patches e-BIOS anconywa ngokulinganayo kubasebenzisi abasebenzisa i-PC yabo emisebenzini yobungcweti noma yomuntu siqu ebucayi.Ekugcineni, sikhuluma ngobuthakathaka obuthinta indlela ihadiwe evikela ngayo inkumbulo, isici esibalulekile ezindaweni lapho idatha ebalulekile noma ulwazi oluyimfihlo luphathwa khona.
Ngesikhathi esifanayo, isinqumo sokuvimba ukufinyelela kumdlalo kuze kube yilapho i-firmware ibuyekeziwe sivuselela impikiswano ende ephathelene neVanguard: Isistimu yokulwa nokukhohlisa kufanele ibe nethonya elingakanani kwihadiwe yomsebenzisi?Kwabanye abadlali begeyimu, iqiniso lokuthi umdlalo wamahhala ungathonya izilungiselelo ze-BIOS libhekwa njengokuphazamiseka okukhulu.
I-Riot ivikela isikhundla sayo ngokubhekisela kumodeli Mahhala ukuze kudlaleNjengoba kungekho zithiyo zomnotho zokungena, kulula kakhulu ngomuntu okhohlisekile ukuthi abuye nenye i-akhawunti noma ngisho nenye idivayisi. Ukuqinisa "izinga lobuchwepheshe," okudinga ukuthi yonke i-hardware ecosystem ihlangabezane nezimfuneko ezithile zokuphepha ezincane, kwethulwa kanje: okuwukuphela kwendlela yokwenza izinto zibe nzima kakhulu kubantu abenza izenzo zobugebengu eziphindaphindayo.
EYurophu, lapho izinkinga zobumfihlo bedijithali zibucayi kakhulu futhi zilawulwa kakhulu, lezi zindlela zivame ukuhlolisiswa ngokucophelela. Kodwa-ke, kukhona nengxenye yomphakathi oncintisanayo ekhona. Uyakwamukela noma yisiphi isinyathelo esinciphisa inani labakopelayo.noma ngabe kudinga ukuthatha izinyathelo ezithile ezengeziwe zokulungisa imishini.
Inqubomgomo entsha kaRiot inikeza abadlali beValorant iqiniso elicacile: Ukuba ne-ping enhle kanye ne-GPU enhle akusanele.Manje futhi ilandelela indlela i-firmware ye-motherboard eqala ngayo nokuthi ukuvikelwa kwe-DMA kusebenza yini kusukela ngomzuzwana wokuqala. Ukubuyekeza i-BIOS akusadingeki; sekuyingxenye "yekhithi yokusinda" yanoma ubani ofuna ukuhlala encintisana ngaphandle kwezinkinga, kuyilapho futhi kuqinisa ukuphepha kwe-PC jikelele ngokumelene nobuthakathaka behadiwe nezinye izingozi ezingabonakali kangako.