The Software Updater update-manager
pops up and shows security updates for Firefox, for example. Naturally, I will click on "Install Now" to continue.
However, what happens if I still have Firefox running when I do this? Will it still update Firefox? Will the update be skipped and just pop up next time, again? Will the update force Firefox to close and maybe crash? Will it only partially update the software and possibly break my Firefox installation?
You must be thinking of Windows. Unix did it right, and then later, Windows came along and developed wrong ways of doing things.
With Windows, replacing a file that is in use by a running process can badly affect that process. The process will reference locations within that file and get incorrect information from it, usually with catastrophic results. That's why a Windows update generally requires a reboot to ensure that all processes are using correct versions of libraries etc.
With Unix, once a file has been opened by a process, that same file will always be available to the process even if the original file is removed from the filesystem.
After an update, the filesystem will contain a different version of the file, and all process that start after the update will use that new file. But, unlike Windows, all old Unix processes will continue using the original files that they started with. Even though no longer accessible via the filesystem, those files will persist as long as any process is using them. Eventually, when no processes are using the files, the old version of the files will finally be deleted.
You may of course decide to restart Firefox (or other processes) if you want to get the benefits of the update right away. The choice is yours.
Typically, updating a program while it's already open is no problem – as the other answerers have explained, a running process can continue to run even if its executable is deleted.
However, due to Firefox's multi-process model, you may get a prompt to restart it after an update anyway. This is because Firefox spawns new processes to isolate different websites, so if it spawns a new process after you've updated it but before you restart Firefox, the new process will be a newer version of Firefox than the rest of the browser. This can cause various issues, so Firefox might prompt you to restart it before allowing you to continue.
Incidentally, Chrome avoids this by using a "zygote" process that sits around doing nothing; when the browser needs to spawn a new process, instead of asking the OS to execute the browser executable again (which would execute the possibly-updated binary) it asks the zygote process to duplicate itself, and one of the copies then becomes a normal renderer process.