Both your Trezors would rely on the same code and software. If you are using the same seed on both, the one where you installed that malicious update would cause you to lose everything. Alternatively, you could have two different wallets protected by different seeds in each of your Trezors. Or two different passphrased wallets.

In theory. If any open-source client releases a backdoored and malicious update, and the vulnerability is not checked or discovered by anyone in the updated code, it can lead to the loss of funds for those who installed the new update. But with hardware wallets, you are forgetting that you have to physically approve the transaction by pressing the correct buttons on the gadget. The malicious code could be written to reveal your seed maybe or have you generate pre-generated addresses that belong to scammers when you want to send a new transaction.