It looks like Mozilla's efforts to encourage users to update Flash Player has turned against them for the first time. Security researchers warn that a new scareware distribution campaign is using a fake copy of the "Firefox Updated" page to trick users into installing a rogue antivirus program.
Since Firefox 3.5.3, Mozilla also checks
if Flash Player is up-to-date when the browser is upgraded. If an old version of the plug-in is detected, a warning message encouraging users to install the latest variant, is displayed on the "whatsnew" page. This is the page that automatically opens on first run after a successful Firefox update.
Over 98% of computers in the world are estimated to have Flash Player installed and because of this, the application is amongst the most targeted pieces of software. Mozilla took the decision to perform the Flash Player check, because a lot of Firefox users failed to update the plug-in and exposed themselves to drive-by-download attacks.