it's actually two different techniques: on one side MS installing silently an FF add-on, bypassing (of course
) UAC. Firefox cannot stop this, that's impossible, it's a browser, not a HIPS
And on the other side bad sites doing the same silently too, but from the web. This was obviously more likely to happen when Firefox (until 2.0) didn't have anything to react against this like a warning dialog like now. It has happened to me
, with FF 1.5 or 2.0 I can't remember. I found out when watching my firewall and then the extension list. I complained about it on Mozilazine forums, and they answered then that Firefox couldn't prevent these sort of attacks, and that it didn't have to, that I was responsible for visiting a bad site. Funny how a couple of versions later they introduced the protection we know