This whole thing was handled piss poor by both Microsoft and Mozilla.
First off, WHY did MS install a FF plugin which cannot be disabled/uninstalled by normal means? And why does FF ALLOW plugins to have this functionality?
But onto the core issue.. why is Mozilla disabling the plugin AFTER THE FLAW HAS ALREADY BEEN PATCHED BY MICROSOFT??!
The proper way Mozilla should have went about this if they were concerned with users who have not patched their systems (and on that note - MS calling it an IE update was a BAD IDEA as well, since it doesn't only affect IE..) would be as follows:
1) If system has been patched (check .dll versions or something which would indicate patch installed..), LEAVE IT ALONE.
2) If not, pop up a message saying there is a vulnerability, and suggest it is a VERY GOOD IDEA to either:
a) Allow FF to disable the extension, but if not..
b) STRONGLY RECOMMEND the user apply the security update.
And if this is not possible in the current version of FF, push out an update (installed only with consent/auto updates enabled..) WITH FUNCTIONALITY TO ALLOW THIS.
I think it is DOWNRIGHT SCARY - on par with the Amazon Kindle 1984 debacle - that Mozilla has the ability to disable plugins on MY COMPUTER without my knowledge or consent.
I'm done now.. I feel a bit better.