An audit commissioned by Mozilla for the Firefox update system revealed no critical vulnerabilities and the flaws rated “high severity” were not easy to exploit.
http://feedproxy.google.com/~r/Securityweek/~3/fv_UzekixDQ/audit-finds-no-critical-flaws-firefox-update-system