Oh, joy, yet another threat vector. AMI mobos for yours truly.
Cheers
BillW
You're seeing it backwards, flipping it around and you might see where the problem is.
Instead ask, is UEFI reliable/secure now? In short, no, and probably not for a long time unless some big changes arrive in the mainstream market, which is unlikely to happen any time soon.
As I understand it, the LegacyBIOS is so slowly updated, or not updated at all, that Xen/Kernel updates can keep up to speed with it and fix issues not fixed in the LegacyBIOS. But UEFI is another story altogether, not to forget a highly fragmented distribution of different releases, which is impaired in many ways (briefly mentioned further below). This is why UEFI under current schemes will never catch up to high quality the way it works now, and it will never become anything "reliable" that you might want.
In other words, it requires a shift in politics, business ethics, laws, or even the appearance of a strong competitor which provides open and high quality motherboard firmware which becomes distributed mainstream. And none of that is happening, hence we're locked in with poor UEFI updates.
Every motherboard provider updates their own motherboards, and the updates are all tailored for each model of motherboard released. In a sense, this is similar to how updates are distributed on Android, or upstream/downstream Linux updates: it can be a major issue, especially if not enough attention is paid to it. The problem with motherboard companies, though, is that they rarely make much effort to maintain their firmware, especially on the cheap motherboards, but not exclusively so. Some cheap boards can be decent too, but it's like a needle in a haystack without someone buying it and reviewing the motherboard for you first, or just trying your luck...
Some motherboards will never even get properly updated; they'll just ignore the customers who bought them. And this issue won't go away, because there is little better competition to be found when all of them are doing the same careless act.
Just look at the printer or router industry: they are all ignoring the costs required to keep products up to date, reliable and secure, thereby increasing their profits by reducing costs, and trying to hide the fact from customers that they are doing so. If enough customers were aware of it and annoyed by it, then a new, better business taking customers' needs into consideration might more easily appear, but that hasn't happened yet. Not to forget, there are big muscles on the market; it isn't so easy for a new company to emerge without some serious funding.
These existing companies do not want to make something needlessly more expensive to increase the quality, just to satisfy a customer, who has little or no better alternative on the market anyway. You're locked in, you can't pick much better, at least not at that price or if you go look for reviews. And even then, expensive doesn't mean it'll be good either.
Combine this corruption of businesses with the security implications in Marek's explanation up above, and you'll quickly see why this is going nowhere anytime soon. UEFI is of no quality, and is very slowly updated and maintained.
Quite a few motherboard companies even discourage you from updating the motherboard unless something is explicitly broken and an update may fix it. In other words, they're saying: "if it works, don't update". This is just absurd... and it isn't hard to make a double BIOS/UEFI motherboard to secure it against failed updates either. They are just trying to maximize profits, ignoring customer needs, and they're especially happy the fewer people know about the business model they're using, because then it's easier to maintain buggy hardware/software at little cost and keep the profits coming in.
But there is a big problem with that in terms of quality and customer needs, since this way you don't get the few security or other updates you may want.
You could get other motherboard firmware though, like
https://www.coreboot.org/
https://libreboot.org/
and
https://www.reddit.com/r/opensource/comments/4lu2l0/open_source_bios/
Some people here are pretty good with alternative motherboard firmware; maybe you're lucky and some will post here to give more detailed answers on how to go about it, if you want to go down that road. If no one posts here, then try searching old posts here in the qubes mail threads, or make a new thread asking if they do not answer your questions.