The exploit in particular is SPI write bypass. That's the critical part, which is independent of UEFI. That is a separate Intel SMM vulnerability. If you can compromise the bios region, you can do whatever you want with the boot process, UEFI or not.
>Each time the system restarts, the code executes on boot, before the OS loads and before the system’s antivirus software is launched. That means that even if the device’s hard drive is replaced, the LoJack software will still operate.
AFAIK on my systems the BIOS launches code in the EFI partition to boot the rest of the OS. an HDD/SSD wipe or replacement would defeat code installed in the EFI partition. Of course as you say, something added to the BIOS would run regardless.
Apparently LoJack installs itself in the BIOS as well.
