7.3 Disable Encrypted Media Extensions

Information

This setting configures whether encrypted media extensions (EME) are downloaded automatically without user consent. EME is a JavaScript API for playing DRMed video content in HTML.

Rationale:

Downloading media from the internet without user consent could lead to malicious content being downloaded and deployed to the system.

Impact:

Users will have to consent to downloading EMEs.

Solution

To establish the recommended configuration, set media.eme.enabled to false:

Type about:config in the address bar

Type media.eme.enabled in the filter

Ensure the setting is set as prescribed.

OR

Open the mozilla.cfg file in the installation directory with a text editor

Add the following lines to mozilla.cfg:

lockPref('media.eme.enabled', false);

Default Value:

True (Enabled).

See Also

https://workbench.cisecurity.org/files/4299

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a.

Plugin: Unix

Control ID: 0c89c86c4c952a7993a986011ad879deeca85400dbb7921bbee14fd0c1ac2630