If Firefox is in a UAC'd location, then a Firefox compromise would simply drop an .exe or .dll into the user's directory and set it up to be launched by Firefox. As an add-on, for example, or through the same exploit it used to enter the system.
In other words, the installation location doesn't really matter. If the process is breached, the user context is f#cked regardless.
I've checked it and yes, it connects to SSL'd Mozilla update servers (like Firefox did on its own in the past).
The certificates appear to be pinned (so it doesn't trust "any" valid cert, only these very certs).
Then the downloaded update appears to be a MAR signed file (then again, Firefox did that on its own in the past too).
If a Firefox exploit drops an exe, it will never run with admin rights. It'd have to be coming from Mozilla and signed by Mozilla. Plus, it'd have to come from their servers, because you can't just drop the exe and have it installed; the updater only trusts what it downloads on its own.
In this case, it's only the updater that runs privileged (which last time I checked was a separate application). The only way you should be able to 'compromise' it would be to man-in-the-middle, and pretend to be Mozilla servers. Even then, if it used SSL (I'm not sure it does), and had an embedded certificate, then it should be fine.
Yes, the Firefox updater uses SSL and other mechanisms to prevent man-in-the-middle attacks. The update payload itself is signed with a private key controlled directly by Mozilla, to avoid vulnerability to CA compromises [1]. The connection to the update server uses SSL and performs additional checks to ensure not only that the SSL certificate is valid, but that it matches one of a small list of known certs or issuers, so a bad CA can't issue a forged certificate [2][3].
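The layered checks described in the comment above (valid TLS chain, pinned cert or issuer, payload signed with a vendor-held key), sketched as an added example that is not part of the original thread and is not Mozilla's updater code or MAR format. The toy RSA key, the PKCS#1 v1.5 stand-in signature scheme, the byte strings standing in for certificates and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes: insecure, demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent: stays with the vendor
K = (N.bit_length() + 7) // 8       # modulus length in bytes
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(payload: bytes) -> int:
    """PKCS#1 v1.5 encoding of SHA-256(payload), as an integer."""
    t = SHA256_PREFIX + hashlib.sha256(payload).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(payload: bytes) -> int:
    """Vendor side: sign the update payload with the private key."""
    return pow(_encode(payload), D, N)

def signature_ok(payload: bytes, sig: int) -> bool:
    """Client side: verify against the public key embedded in the updater."""
    return 0 < sig < N and pow(sig, E, N) == _encode(payload)

def fp(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()

# Constructed stand-ins for DER certificates (leaf first, then issuer).
GOOD_CHAIN = [b"leaf: update server", b"issuer: pinned CA"]
FORGED_CHAIN = [b"leaf: update server", b"issuer: some other trusted CA"]
PINNED = {fp(b"issuer: pinned CA")}  # small list of known certs or issuers

def pin_ok(chain) -> bool:
    return any(fp(cert) in PINNED for cert in chain)

def accept_update(tls_chain_valid: bool, chain, payload: bytes, sig: int) -> str:
    """All three gates must pass; a CA-valid chain alone is not enough."""
    if not tls_chain_valid:
        return "reject: TLS validation failed"
    if not pin_ok(chain):
        return "reject: certificate not pinned"
    if not signature_ok(payload, sig):
        return "reject: bad payload signature"
    return "accept"
```

A chain that a mis-issuing CA could make pass ordinary validation (`FORGED_CHAIN`) still fails the pin gate, and a payload altered after signing fails the signature gate even over a pinned connection.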