UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Firefox must be configured to not automatically check for updated versions of installed search plugins.


Overview

Finding ID Version Rule ID IA Controls Severity
V-251548 FFOX-00-000004 SV-251548r807116_rule Medium
Description
Updates must be controlled and installed from authorized and trusted servers. This setting overrides a number of other settings that may direct the application to access external URLs.
STIG Date
Mozilla Firefox Security Technical Implementation Guide 2021-12-01

Details

Check Text ( C-54983r807114_chk )
Type "about:policies" in the browser address bar.

If "browser.search.update" is not displayed with a value of "false", this is a finding.
Fix Text (F-54937r807115_fix)
Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\
Policy Name: Preferences
Policy State: Enabled
Policy Value:
{
"browser.search.update": {
"Value": false,
"Status": "locked"
}
}

macOS "plist" file:
Add the following:
Preferences

browser.search.update

Value

Status
locked



Linux "policies.json" file:
Add the following in the policies section:
"Preferences": {
"browser.search.update": {
"Value": false,
"Status": "locked"
}
}