Notable vulnerabilities, sometimes discovered in the "System Management Mode" (SMM) of InsydeH2O, have highlighted the importance of keeping firmware updated. If a malicious actor compromises the firmware, they can persist on the machine even if the hard drive is wiped and Windows is reinstalled.
InsydeH2O is the perfect example of “complexity breeds vulnerability.” It is powerful enough to run a full network stack (UEFI HTTP boot) and a GUI (mouse support in BIOS), yet this complexity introduces thousands of lines of code that run with the highest CPU privilege (Ring -2). insydeh20