Steam game listings must now flag any kernel-level anti-cheat software integrations

Steam logo
(Image credit: Valve)

Valve has announced that it is now mandatory for game developers to explicitly declare whether their game(s) use any anti-cheat technology in kernel mode, in a new Steamworks Developer post. Steam Pages for games utilizing kernel-level anti-cheat tools will share this information available for greater transparency - side by side with the already existing DRM warnings, Denuvo for instance.

For the uninitiated, your Operating System has two distinct modes, user mode, and kernel mode - divided based on privileges and permissions. Whatever is happening right now on your screen, that's the user mode. For direct hardware access and interaction, the OS has a kernel baked in, which acts as a supervisor for your system. Software present at the kernel level or ring 0 manages memory, performs context switches, and interacts with the hardware through drivers and whatnot. If any unforeseen error occurs at the user-mode level; fine and dandy. However, if kernel-level software fails - say your GPU's drivers, then your PC may halt and is likely to crash.

Valve has now made it compulsory for game developers to state if their games feature kernel-level anti-cheat utilities. Please note that disclosure is optional if the anti-cheat works in user mode, but this is still a positive change nonetheless. Valve states, "Going forward, when you submit a new game to Steam, if your game installs a client-side, kernel mode anti-cheat, you will need to fill out this new field. We will be going through old games and contacting partners with games that fall into this category." Developers also have to specify if the anti-cheat modifies OS files and if it can be fully uninstalled using the provided script.

Anti Cheat example

(Image credit: Steam)

Games use kernel mode software more than you'd think; Apex Legends, Fortnite, Paladins, Rainbow Six: Siege, Valorant, H1Z1, and Day-Z to name a few. The argument is that hacking and cheating tools nowadays are built to function at ring 0. Effectively warding them off is only achievable with anti-cheat technology that also operates in kernel mode. But that begs the question, would you allow proprietary software to run on your system's most vulnerable and authorized level just to play a game?

In the end, both sides have valid points but a transparent disclosure looks like a good policy. Users must be informed beforehand if the game they're about to play requires software that runs with ring 0 privileges and that is exactly what Valve is trying to accomplish.

Hassam Nasir
Contributing Writer

Hassam Nasir is a die-hard hardware enthusiast with years of experience as a tech editor and writer, focusing on detailed CPU comparisons and general hardware news. When he’s not working, you’ll find him bending tubes for his ever-evolving custom water-loop gaming rig or benchmarking the latest CPUs and GPUs just for fun.

  • hotaru251
    Honestly keep hoping that rumor of MSFT disabling Kernel access to third parties in future OS turns out true.
    Reply
  • das_stig
    Microsoft should be banning any 3rd party software from kernel if its not needed for the operation of the core OS, as in drivers. The only reason they do, is because Microsoft code is rubbish. Full of bad legacy coding, kludges, dirty fixes and pandering to big gaming software houses to ensure Windows remains the primary gaming OS. They need to lock it down, return trust to the users and strip out the crap from Windows, as promised for lean, fast and secure OS, when they went back to drawing board for Windows 10.
    Reply
  • purple_dragon
    Honestly, kernel level access is a big security risk. It should already be denied from access by any software.
    Reply
  • setx
    hotaru251 said:
    Honestly keep hoping that rumor of MSFT disabling Kernel access to third parties in future OS turns out true.
    For something useless like Windows-on-ARM – maybe. For x86 it would cripple the OS to the level of ARM.

    das_stig said:
    Microsoft should be banning any 3rd party software from kernel if its not needed for the operation of the core OS, as in drivers. The only reason they do, is because Microsoft code is rubbish. Full of bad legacy coding, kludges, dirty fixes and pandering to big gaming software houses to ensure Windows remains the primary gaming OS. They need to lock it down, return trust to the users and strip out the crap from Windows, as promised for lean, fast and secure OS, when they went back to drawing board for Windows 10.
    You have absolutely no idea what you are talking about. Windows is bearable only due to 3'rd party software.

    Let's talk about gamepads for example, in particular DualSense support. There is none in OS, Steam provides something (for wired-only connection I think) and fully functional one is community-written driver. That's not a driver that's "needed for the operation of the core OS" and MS only supports XBox gamepads, so locking down drivers would mean dropping DualSense support.
    Reply
  • Sluggotg
    "Developers also have to specify if the anti-cheat modifies OS files and if it can be fully uninstalled using the provided script."

    Games leaving behind their anti-cheat modifications to our computers is unacceptable. Reminds me of the Nasty copy protections that would stay on your computer and Gimp performance and make your computer unstable. I had to do complete wipes and re-installs on a few of my machines back in the day to fully remove some of that crap.

    Games that leave behind some of their Cheat Protection, (or whatever), should be banned from Steam or at least very prominently high lighted.
    Reply
  • AkroZ
    hotaru251 said:
    Honestly keep hoping that rumor of MSFT disabling Kernel access to third parties in future OS turns out true.
    Since Windows 10 they are licensing kernel access to anybody willing to paid, they don't care what you do with it.
    But with the issue with CrowdStrike impacting millions of users, someone at Microsoft said that they should screen access to not allow kernel access to the like of CrowdStrike. They will not stop giving kernel access to third parties.
    Reply
  • SexyRussell
    "But that begs the question, would you allow proprietary software to run on your system's most vulnerable and authorized level just to play a game?"
    Yeah I've been doing it for years now. It honestly seems like the only people that complain about anti-cheat, even at the kernel level are Fudds or IT techs that shouldn't have these games on their work systems in the first place.
    Reply