So that would require an authenticated program execution, a reboot, a reflash, and a reboot again. Hardly unnoticeable. I think EFI updates can be disabled in most UEFI setup programs by the administrators, so they only reenable them explicitly when doing the actual, you know, EFI updates.
I thought that was possible by mucking in a RAM region that would persist across warm reboots and UEFI would pick up the logo from there.
You can put an update capsule in that region and it will be picked on reboot. Another option is putting a file in ESP then telling EFI with a special call that there's an update to be applied (special call is also needed to inform EFI about the memory update method).
Windows Update uses those to deliver firmware updates on behalf of vendors.
I thought that was possible by mucking in a RAM region that would persist across warm reboots and UEFI would pick up the logo from there.