FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The Recommended Extensions program recommends extensions to users as they surf the web.

The user must not be encouraged to install extensions from the websites they visit. Allowed extensions are to be centrally managed.

Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefoxUser Messaging
Policy Name: Extension Recommendations
Policy State: Disabled

macOS 'plist' file:
Add the following:
<key>UserMessaging</key>
<dict>
<key>ExtensionRecommendations</key>
<false/>
</dict>

Linux 'policies.json' file:
Add the following in the policies section:
'UserMessaging': {
'ExtensionRecommendations': false
}

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R3_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-251572r807188_rule, STIG-ID|FFOX-00-000028, Vuln-ID|V-251572

Plugin: Unix

Control ID: 02886f71845caf3b945f739917edba7ef0053a92b56eb6e7fcfece863068b466