In my experience around 99% of sites asking you to install "codecs", "browser extensions" or similar to view videos are sites that contain malicious software of some sort (a virus, trojan or spyware - sometimes even all of the above).
Unless you are 100% positive that it is a safe site, and it is providing a genuine "you need to update" message then I would be
extremely weary of it.
A good example of a "safe" site might be Youtube telling you that your flash player is out of date and that you need to upgrade. At which point you would be pointed to
the Adobe site to download the latest version.
However for a malicious site telling you that your codecs are out of date and need to be updated to display a video you will generally find:
1) You are not alerted to this until you click to play the video, at which point you will be presented with a message in the browser that you need to download and install codec "x".
2) When you click the link to download codec "x" the codec will either be hosted on the same domain e.g.
http://reallycoolvideosite.com/codecupdate.13483.exe or another odd looking domain e.g.
http://abxxs1.downloadsvr211.co.cc/codecsetup.1321.exe3) The download will be started automatically when you click the "you need to update" message.
4) If you click cancel a javascript prompt will be shown multiple times until you click the "OK" to download the malicious software.
When it comes to browser extensions and codecs the best advice I can give is do not do it unless you are 100% sure it is absolutely safe.
Most importantly, only ever download the latest versions of codecs (or similar) from the developers website - if they are asking you to download the latest flash player, go to the Adobe website. If they want you to update Windows Media Player, go to the Microsoft Website. Real Player? Go to the RealNetworks, Inc website - you get the idea I am sure.
Fake codec/browser extensions are a fairly big issue as even now many people are still unaware of the threat.
Some final advice: Be
very careful when you click links posted via Facebook. Likejacking is extremely common, and if you click a "video" on facebook you may find that it takes you to a site that
looks like Youtube, or a youtube video for example but in fact is not.
If it is a youtube video, you can generally find this out by right clicking - as the flash player options will be shown. If it's a fake video, often you will see either the standard browser right click menu (e.g. view source etc.) or view image.
If you do not know what likejacking is, be sure to read up on that
here too.
Likejacking can be
reasonably harmless as the majority of the time it is a survey scam (e.g. fill in this survey to prove you are a human and view the video!) however it can also be used to spread malicious software (and in this case it sounds like the latter happened).