Almost all users run browsers from their accounts with admin priviledges.
There is a simple way to lower the privileges of a single application. This significantly lowers the possibilities of malicious code.
Microsoft will run IE 7 on Vista exactly this way.
Technically, it can be very simple to implement such feature for every Firefox running on Windows XP. Then, Firefox has something immediatelly on old systems what MS gives only for more money and in the new system.
Currently, I already use the methods from "Part 2" on my own computer to run Firefox. The limitiation is that "automatic update" of Firefox is done by firefox.exe, which should not be. The only thing needed is reorganizing way for the update.