If it bios official from vendor it can safe, but if you going to flash modded bios so be carefull and take risk in your own, any wrong flashed bios can be recovered with programmer tools
if you want to jump to bios edit read my guide here
https://winraid.level1techs.com/t/guide-usage-of-ami-s-aptiov-uefi-editor-flash-method/91842
Cpu microcode get update if it refert to processor vulnerability so released patching, and some time microcode update get increace clocked speed, and bios update like support for more ram, stability or more processor support
here list CVE Example
https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-32238/Microsoft-Windows-10.html