Comment by parentheses

7 years ago

Unpatched UEFI is more about the reputation of the manufacturer/provider of UEFI. If a major manufacturer releases a motherboard, you can be sure (1) they are patched often and (2) they use similar components across many motherboards so bugs and vulnerabilities are patched across many simultaneously and are worked out sooner.

Patches existing for the firmware vulnerabilities of major manufacturers is good (I'll take your word for it, having not looked recently, but I know that a few years back this was not the case and known vulnerabilities could be found easily on shipping products).

The pathway from the patch existing to the patch being applied is overgrown with flammable brush. Infrequently traveled. Not healthy. There are efforts to fix this, but they don't have too much momentum at the moment.

  • I concur that in practice most hardware can easily remain unpatched. Installing upgrades can be scary (at least it was for my first home PC builds).

1a. Often - that much is true; initially. 1b. For the lifetime of the product? Nope nope nope nope, not in my wildest dreams. What's wrong with a stable, well-built, functioning motherboard? Nothing, just that some years have passed and the mfg no longer has an incentive for support.