If i'm understanding firm protection, it simply patches the call that Nintendo uses to try to overwrite firm so hat it does nothing and report success.
if said call is the only way to actually overwrite firm, then there's nothing nintendo can do.
but if there's another way to do the overwrite, then we can't update unto luma team patches that too.
But i think the big N would get in trouble over that, if it had the potential to brick.
So i think it's better for them to attack the CFWs themselves. if they make luma brick without wiping a9lh,it's recoverable, and there's no possible legal action from them.
I have a few ideas on how that might be accomplished.
regardless, until told otherwise, we have to assume that 11.4 update is not actually safe, even though 11.3 update is. you can bet the instant nintendo cracks firm protection bypass and reliably wipes a9lh without bricking, there will be an update, people will update because it's safe, and they will get unhacked. it's what i would be working on if I was them.