Seems like an attack that might fool quite a lot of people. Of course when you run FF protected with Sandboxie or other sandbox, the attack won't work.
I'm a little late to this party. Sorry for the repeat post (which I have since edited). Even though this has been around for a couple of months, I just ran across it today. I was suspicious right away, never having seen such a pop-up from Chrome. The site I was going to (an insurance agency in New England) had been hacked in order to display the "warning".
Nothing on my machine blocked it. I just did not authorize the download. I sent the owner of the company an email last night describing to him what was happening. I included what I thought might be a helpful link for him... If my site shows the HoeflerText Pop-Up, What Should I Do? At this time, the agency's site is still "hosting" the fake Chrome pop up.