https://www.darkreading.com/endpoint-security/critical-logofail-bugs-secure-boot-bypass-millions-pcs seems better, it at least mentions that the logo files have to be placed on the EFI System partition to be loaded by the vulnerable code.