Details

The Recommended Extensions program makes it easier for users to discover extensions that have been reviewed for security, functionality, and user experience. Allowed extensions are to be centrally managed.

Solution

Windows group policy:
1. Open the group policy editor tool with ‘gpedit.msc’.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefox
Policy Name: Preferences
Policy State: Enabled
Policy Value:
{
‘extensions.htmlaboutaddons.recommendations.enabled’: {
‘Value’: false,
‘Status’: ‘locked’
}
}

macOS ‘plist’ file:
Add the following:
Preferences

extensions.htmlaboutaddons.recommendations.enabled

Value

Status
locked

Linux ‘policies.json’ file:
Add the following in the policies section:
‘Preferences’: {
‘extensions.htmlaboutaddons.recommendations.enabled’: {
‘Value’: false,
‘Status’: ‘locked’
}
}+I420

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-7a.
• CAT|II
• CCI|CCI-000381
• Rule-ID|SV-251570r807182_rule
• STIG-ID|FFOX-00-000026
• Vuln-ID|V-251570

Source

• Tenable.com/audits