hirschmann / nbfc

NoteBook FanControl

Apparently a vulnerability. #885

Closed thederp closed 4 years ago

thederp commented 4 years ago

Valorant's Riot Vanguard is apparently blocking this application probably because of this vulnerability. https://nvd.nist.gov/vuln/search/results?form_type=Basic&results_type=overview&query=WinRing0&search_type=all

This is a message from Valorant's reddit moderators: "Vanguard will automatically disable certain software that has known exploits used by hackers to cheat. Quite a few popular software packages used for overclocking, fan control, RGB lighting, and more are vulnerable to these exploits. Usually, either uninstalling or updating these software packages is enough."

hirschmann commented 4 years ago

While the WinRing0 driver allows unrestricted access to the CPU's model-specific registers (MSR), the OpenHardwareMonitorLib plugin, which NBFC uses to access the hardware on Windows machines, restricts access to the driver to builtin administrators and the SYSTEM user (see KernelDriver.cs). This means the exploits you've posted require at least the privileges of the builtin admin account if the driver was installed by NBFC/OpenHardwareMonitorLib, which makes them effectively useless.

I understand that this doesn't prevent someone from manipulating their system, but I also think it's not possible to lock out users from their own systems anyway (if they have administrative permissions). Cheaters will always find a way to cheat.

That being said, it will probably not be possible to fix issues in the WinRing0 driver, because nowadays a kernel mode driver has to be signed with an Extended Validation Code Signing Certificate which afaik are only sold to companies, not to individual users. (see Signing a Driver for Public Release)

Unfortunately I have no solution or workaround for this problem. I know it sucks, but unless Riot changes their anti cheat system NBFC will not run on systems where Vanguard is active :(
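The restriction described in the comment above (driver access limited to builtin administrators and SYSTEM) can be checked against a security descriptor in SDDL form. This is an added example, not part of the original thread and not NBFC's or OpenHardwareMonitorLib's code; the sample descriptors and function names are constructed for illustration.

```python
import re

# Trustees the comment names: builtin administrators and SYSTEM,
# as SDDL aliases and as their well-known SIDs.
TRUSTED = {"BA", "SY", "S-1-5-32-544", "S-1-5-18"}

# Constructed sample descriptors, not taken from NBFC or OpenHardwareMonitorLib.
RESTRICTED = "O:BAG:SYD:P(A;;FA;;;SY)(A;;FA;;;BA)"
PERMISSIVE = "O:BAG:SYD:(A;;FA;;;SY)(A;;FA;;;BA)(A;;GRGW;;;WD)"
NO_DACL = "O:BAG:SY"


def parse_dacl(sddl):
    """Return (ace_type, rights, trustee) tuples from the D: component,
    or None when the descriptor carries no DACL at all."""
    match = re.search(r"D:[A-Z_]*((?:\([^()]*\))*)", sddl)
    if match is None:
        return None
    rest = sddl[match.end():]
    if rest and not rest.startswith("S:"):
        # e.g. conditional ACEs with nested parentheses: refuse, never skip.
        raise ValueError(f"unsupported DACL syntax near: {rest[:20]!r}")
    aces = []
    for body in re.findall(r"\(([^()]*)\)", match.group(1)):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError(f"malformed ACE: ({body})")
        aces.append((fields[0], fields[2], fields[5]))
    return aces


def untrusted_grants(sddl, trusted=TRUSTED):
    """List trustees outside `trusted` that an allow ACE gives any rights."""
    aces = parse_dacl(sddl)
    if aces is None:
        # A missing DACL means no access control: everyone gets full access.
        return ["<no DACL: everyone>"]
    return [trustee for ace_type, rights, trustee in aces
            if ace_type in ("A", "OA") and rights and trustee not in trusted]


if __name__ == "__main__":
    for name, sddl in [("restricted", RESTRICTED), ("permissive", PERMISSIVE),
                       ("no DACL", NO_DACL)]:
        print(f"{name:10} -> {untrusted_grants(sddl) or 'admins/SYSTEM only'}")
```

An empty result means only administrators and SYSTEM are granted access; any other trustee in the list is a finding to investigate.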

thederp commented 4 years ago

I just got an update from Riot's support and this was their message:

Hello Agent,

We wanted to follow-up on the issue you're experiencing with Vanguard when trying to play VALORANT. Our devs pushed out a new update today; with the newest patch of Vanguard, we have improved compatibility on many cheat-vulnerable drivers. Most previously blocked drivers should now have full functionality. Some specific drivers, used almost exclusively for tampering with the game, will cause the game not to start as explained here:

https://twitter.com/PlayVALORANT/status/1258493180510519296

To get the new version, you'll need to launch VALORANT and the patcher will update you. After that, a reboot (restarting your device, not shutting down and powering back on) will be required to get the full effect.

So, NBFC works fine now after restart, it will not block it at startup or login anymore. And it also continues to work without issue while Valorant is running. At least for now. So, thanks for taking the time to look into it and responding. Seems it's resolved now, so, I'll close this issue. You may want to close this issue as well #884

hirschmann commented 4 years ago

Wow, I didn't expect that. I'm glad it works again now. Thanks for letting me know :)