source: Opennews

⇐ retour index

Re: le hollandais volant Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack | Ars Technica

Friday 8 December 2023 at 09:49

What is being discussed here is the PC brand's logo that is displayed when the PC starts, at the UEFI stage.

No, that is literally not what is being discussed. What is being discussed is the option offered to the user to display a custom logo of their own choosing.

Then again, you do have to read the articles and understand what you read. It is repeated throughout, without the slightest possible ambiguity. In particular where it is said that machines from manufacturers such as Dell, which does not offer the user this additional feature of being able to change the image shown when the PC powers on, are not affected by this vulnerability, and yet Dell's logo is displayed at power-on.

Most image parsers exist to make it possible to display logos during boot or in BIOS setup. However, vendors introduce features, like customization of a device’s boot logo, that allow users to specify data input for these parsers.

In many cases, the end-user is allowed to specify the input for them via various features of logo customization, which obviously provides access to the attack surface for less privileged entities;

Normally, the logo is read directly from a firmware volume. Since the volumes are often signed and protected by a hardware-based Verified Boot technology (e.g., Intel Boot Guard), an attacker cannot store a custom logo there (...) In other cases, OEM-specific customizations allow users to supply their own logo, so attackers can do that too.

When these parsers are used to display a logo during boot and when this logo can be replaced by an attacker, using any of the OEM customization techniques described in the Attack Surface section of this blogpost, then LogoFAIL becomes an exploitable threat. And there are multiple scenarios that could lead to it:
We found that certain vendors such as Lenovo, Intel and Acer allow users – and so attackers – to customize the logo shown during boot.

When there is no expected way to customize the logo, it is still possible via physical attack vector: just with an SPI flash programmer if a logo is not covered with any hardware-based Verified Boot technology

Some vendors such as Dell are not directly exploitable for two reasons. First, as shown in the previous screenshots, Dell distributes firmware where the logo is covered by Intel Boot Guard and thus cannot be replaced by an attacker, even using a physical attack. Second, Dell doesn’t provide any logo customization and so it effectively secures the LogoFAIL attack surface.

And it so happens that LogoFAIL comes into play before UEFI, during the initial Platform Initialization firmware phase, at the DXE (Driver Execution Environment) step, which takes place just before the start of UEFI Secure Boot.
Admittedly this part was complicated: you had to look at an image and notice that there was a dotted frame where the attack takes place, and that UEFI begins after this initialization phase.