PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to malware installation. Vendors and users must follow best practices, apply updates and patches, monitor, and protect devices, and replace test keys. Prompt firmware upgrades are advised, and leaked AMI PK devices should be disconnected from critical networks.