Keep your UEFI/BIOS firmware up-to-date
Over the years, I've read many forum posts—on many different forums. On the subject of UEFI/BIOS updates, the "common sense" position leans towards, "If it ain't broke, don't fix it."
In other words, unless you experience issues with your PC—don't upgrade the UEFI/BIOS firmware.
To be fair, carelessly upgrading the UEFI/BIOS firmware is risky. Few actions cause a greater risk to "bricking" your system. But, taking precautions will mitigate those risks.
Always perform upgrades on AC power (not built-in BAT); preferably, while connected to a good UPS (Uninterruptible Power Supply)
Read and follow the directions before running the upgrade.
Monitor the entire upgrade process.
Be patient. Don't try to cancel (or hot-stop) a UEFI/BIOS upgrade.
Keeping your UEFI/BIOS firmware up-to-date, not only adds features and fixes known issues, but it provides security patches.
Risks of keeping old(er) UEFI/BIOS firmware
Despite conventional wisdom, vulnerabilities and exploits exist for UEFI/BIOS firmware. Usually, they require physical access to the host machine. But, in a supply-chain or phishing attack, the host machine's owner acts as a proxy for the attacker.
I've warned of these risks for years. Until recently, my warnings were received as conjecture and paranoia.
Not anymore.
8 months ago (CVE-2023-40238)...
For deep-dive, please see LogoFAIL: Security Implications of Image Parsing During System Boot (duration 44:14)
3 months ago (CVE-2024-0762)...
What do you think? Do you keep your UEFI/BIOS up-to-date?