Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Firefox must be configured to not automatically update installed add-ons and plugins.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-251549 | FFOX-00-000005 | SV-251549r807119_rule | Medium |
| Description |
|---|
| Set this to false to disable checking for updated versions of the Extensions/Themes. Automatic updates from untrusted sites puts the enclave at risk of attack and may override security settings. |
| STIG | Date |
|---|---|
| Mozilla Firefox Security Technical Implementation Guide | 2021-12-01 |
Details
| Check Text ( C-54984r807117_chk ) |
|---|
| Type "about:policies" in the browser window. If "ExtensionUpdate" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. |
| Fix Text (F-54938r807118_fix) |
|---|
| Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Extensions Policy Name: Extension Update Policy State: Disabled macOS "plist" file: Add the following: Linux "policies.json" file: Add the following in the policies section: "ExtensionUpdate": false |