7.1 Secure Application Plug-ins

Information

Some active content such as audio and video can be automatically loaded by Firefox on websites. It is recommended to secure application plug-ins.
Some malicious websites use active content to exploit vulnerabilities in the active content handling application plug-in. It is recommended to always prompt the user when a website is about to load active content.

Solution

Perform the following procedure:

* Open the mozilla.cfg file in the installation directory with a text editor

* Add the following lines to mozilla.cfg:

lockPref("browser.helperApps.alwaysAsk.force", true);

See Also

https://workbench.cisecurity.org/files/1158

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: 9a48ff2ba09db4fcc3b05006a7ff1aef9c5cc0655bbca7d97339259730909978