The Unified Extensible Firmware Interface also has some disadvantages. UEFI has limited compatibility because it only supports 64-bit systems. While these are increasingly becoming standard, 32-bit systems are still widely used, especially in the Windows ecosystem. This limited compatibility is due to how tightly integrated the boot technology is with the specific partitioning of the bootable system volume (boot device). This combination of UEFI and GPT partitioning is only compatible with 64-bit systems. Older computers with 32-bit operating systems using legacy BIOS cannot boot GPT-partitioned hard drives.
To increase UEFI’s compatibility, the Compatibility Support Module (CSM) is used. For example, this module is used to run 32-bit versions of Windows 7 or 8 on modern UEFI hardware. The CSM also makes it possible to have a mix of operating systems on a single computer. In a multiboot system, older operating systems that only work with the traditional legacy BIOS can be booted in addition to the UEFI-compatible ones. However, a 32-bit operating system will then have to use an additional boot device, such as a second hard drive with a Master Boot Record. When the computer is started up, the desired system can then be actively selected in the boot manager menu. Other firmware types handle this process automatically: First, the system looks for a more modern EFI bootloader. If one is not found, the CSM is used directly during the boot process.
However, this compatibility with legacy BIOS is only a temporary solution. Intel is currently urging computer manufacturers to stop implementing CSM. The module needs to be gradually phased out to reduce the size of the UEFI BIOS code and lower the costs of hardware testing. Furthermore, computers that boot in legacy mode using the CSM cannot use the UEFI-specific feature Secure Boot and its security mechanisms to protect against viruses and unauthorized tampering.
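To check which of these boot paths a machine actually took, the following added example (not part of the original article) classifies a disk's first two sectors as GPT or MBR and reports whether a running Linux system booted natively via UEFI and has Secure Boot enabled. It assumes Linux with efivarfs mounted and 512-byte sectors; the function names are illustrative.

```python
from pathlib import Path

# GUID of the EFI global variable namespace that holds the SecureBoot variable
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"

def partition_scheme(head: bytes, sector_size: int = 512) -> str:
    """Classify the first two sectors of a disk as 'gpt', 'mbr' or 'unknown'."""
    if len(head) < 2 * sector_size or head[510:512] != b"\x55\xaa":
        return "unknown"  # no boot signature at the end of sector 0
    # The four MBR partition entries start at offset 446, 16 bytes each;
    # byte 4 of an entry is the partition type (0xEE = GPT protective entry).
    types = [head[446 + 16 * i + 4] for i in range(4)]
    has_gpt_header = head[sector_size:sector_size + 8] == b"EFI PART"
    if 0xEE in types and has_gpt_header:
        return "gpt"
    return "mbr" if any(types) else "unknown"

def secure_boot_enabled(raw: bytes) -> bool:
    """efivarfs prefixes the value with 4 attribute bytes; payload 1 = enabled."""
    return len(raw) >= 5 and raw[4] == 1

def boot_posture(sysfs_efi: Path = Path("/sys/firmware/efi")) -> str:
    """Report how the running Linux system was booted."""
    if not sysfs_efi.is_dir():
        # The kernel exposes this directory only after a native UEFI boot,
        # so its absence means legacy BIOS or a CSM boot.
        return "legacy-bios-or-csm: Secure Boot unavailable"
    var = sysfs_efi / "efivars" / f"SecureBoot-{EFI_GLOBAL_GUID}"
    try:
        enabled = secure_boot_enabled(var.read_bytes())
    except OSError:
        return "uefi: Secure Boot state unreadable"
    return "uefi: Secure Boot " + ("enabled" if enabled else "disabled")

if __name__ == "__main__":
    print(boot_posture())
```

Reading the first 1024 bytes of a disk device to feed `partition_scheme` normally requires root; on 4Kn disks pass `sector_size=4096` and read two sectors accordingly.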
Another disadvantage of UEFI is a security risk. Because of the direct connection during the boot phase, malware can infect a computer before the operating system’s security mechanisms have had a chance to intervene. This is by no means a theoretical threat. In 2014, the first security hole in the interface was discovered, and by 2018 experts had identified LoJax, the first UEFI virus found in the wild (i.e. outside of pure laboratory experiments).