FFOX-00-000028 – Firefox must not recommend extensions as the user is using the browser.

Details

The Recommended Extensions program recommends extensions to users as they surf the web.

The user must not be encouraged to install extensions from the websites they visit. Allowed extensions are to be centrally managed.

Solution

Windows group policy:
1. Open the group policy editor tool with ‘gpedit.msc’.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefoxUser Messaging
Policy Name: Extension Recommendations
Policy State: Disabled

macOS ‘plist’ file:
Add the following:
UserMessaging

ExtensionRecommendations

Linux ‘policies.json’ file:
Add the following in the policies section:
‘UserMessaging’: {
‘ExtensionRecommendations’: false
}

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-7a.
CAT|II
CCI|CCI-000381
Rule-ID|SV-251572r807188_rule
STIG-ID|FFOX-00-000028
Vuln-ID|V-251572

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles